diff options
Diffstat (limited to 'lib/plugins')
112 files changed, 4708 insertions, 4103 deletions
diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php index b24981d91..6c7c28ff6 100644 --- a/lib/plugins/acl/admin.php +++ b/lib/plugins/acl/admin.php @@ -345,7 +345,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { } /** - * Print infos and editor + * Print info and editor */ function _html_info(){ global $ID; diff --git a/lib/plugins/acl/lang/bg/lang.php b/lib/plugins/acl/lang/bg/lang.php index 95201750e..14e7d311c 100644 --- a/lib/plugins/acl/lang/bg/lang.php +++ b/lib/plugins/acl/lang/bg/lang.php @@ -1,8 +1,8 @@ <?php + /** - * bulgarian language file - * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Nikolay Vladimirov <nikolay@vladimiroff.com> * @author Viktor Usunov <usun0v@mail.bg> * @author Kiril <neohidra@gmail.com> diff --git a/lib/plugins/acl/lang/fi/lang.php b/lib/plugins/acl/lang/fi/lang.php index 4f145e0f6..50224dfb4 100644 --- a/lib/plugins/acl/lang/fi/lang.php +++ b/lib/plugins/acl/lang/fi/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Finnish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author otto@valjakko.net * @author Otto Vainio <otto@valjakko.net> * @author Teemu Mattila <ghcsystems@gmail.com> diff --git a/lib/plugins/acl/lang/id/lang.php b/lib/plugins/acl/lang/id/lang.php index 650637635..6f619c5ec 100644 --- a/lib/plugins/acl/lang/id/lang.php +++ b/lib/plugins/acl/lang/id/lang.php @@ -1,8 +1,8 @@ <?php + /** - * Indonesian language file - * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author mubaidillah <mubaidillah@gmail.com> * @author Yustinus Waruwu <juswaruwu@gmail.com> */ diff --git a/lib/plugins/acl/lang/ko/lang.php b/lib/plugins/acl/lang/ko/lang.php index 2f1ba2311..34b93a9f4 100644 --- a/lib/plugins/acl/lang/ko/lang.php +++ b/lib/plugins/acl/lang/ko/lang.php @@ -12,6 +12,7 @@ * @author Seung-Chul Yoo <dryoo@live.com> * @author erial2@gmail.com * @author Myeongjin <aranet100@gmail.com> + * @author Garam <rowain8@gmail.com> */ $lang['admin_acl'] = '접근 제어 목록 관리'; $lang['acl_group'] = '그룹'; @@ -27,7 +28,7 @@ $lang['p_group_ns'] = '<b class="aclgroup">%s</b> 그룹 구성원은 $lang['p_choose_id'] = '<b class="aclpage">%s</b> 문서 접근 권한을 보거나 바꾸려면 <b>사용자</b>나 <b>그룹</b>을 위 양식에 입력하세요.'; $lang['p_choose_ns'] = '<b class="aclns">%s</b> 이름공간 접근 권한을 보거나 바꾸려면 <b>사용자</b>나 <b>그룹</b>을 위 양식에 입력하세요.'; $lang['p_inherited'] = '참고: 권한이 명시적으로 설정되지 않았으므로 다른 그룹이나 상위 이름공간으로부터 가져왔습니다.'; -$lang['p_isadmin'] = '참고: 슈퍼유저로 설정되어 있으므로 선택된 그룹이나 사용자는 언제나 모든 접근 권한을 가집니다.'; +$lang['p_isadmin'] = '참고: 슈퍼 사용자로 설정되어 있으므로 선택된 그룹이나 사용자는 언제나 모든 접근 권한을 가집니다.'; $lang['p_include'] = '더 높은 접근 권한은 하위를 포함합니다. 문서가 아닌 이름공간에는 만들기, 올리기, 삭제 권한만 적용됩니다.'; $lang['current'] = '현재 ACL 규칙'; $lang['where'] = '문서/이름공간'; diff --git a/lib/plugins/acl/lang/no/lang.php b/lib/plugins/acl/lang/no/lang.php index 09d71937a..82cdd5eef 100644 --- a/lib/plugins/acl/lang/no/lang.php +++ b/lib/plugins/acl/lang/no/lang.php @@ -1,8 +1,8 @@ <?php + /** - * Norwegian language file - * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Reidar Mosvold <Reidar.Mosvold@hit.no> * @author Jorge Barrera Grandon <jorge@digitalwolves.org> * @author Thomas Nygreen <nygreen@gmail.com> @@ -10,7 +10,7 @@ * @author Torkill Bruland <torkar-b@online.no> * @author Rune M. Andersen <rune.andersen@gmail.com> * @author Jakob Vad Nielsen (me@jakobnielsen.net) - * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> + * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> * @author Knut Staring <knutst@gmail.com> * @author Lisa Ditlefsen <lisa@vervesearch.com> * @author Erik Pedersen <erik.pedersen@shaw.ca> diff --git a/lib/plugins/acl/lang/pl/lang.php b/lib/plugins/acl/lang/pl/lang.php index bef2d2615..42ce7fdaf 100644 --- a/lib/plugins/acl/lang/pl/lang.php +++ b/lib/plugins/acl/lang/pl/lang.php @@ -1,8 +1,8 @@ <?php + /** - * polish language file - * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Grzegorz Żur <grzegorz.zur@gmail.com> * @author Mariusz Kujawski <marinespl@gmail.com> * @author Maciej Kurczewski <pipijajko@gmail.com> diff --git a/lib/plugins/acl/lang/vi/lang.php b/lib/plugins/acl/lang/vi/lang.php index ddf764dca..4fc3388ff 100644 --- a/lib/plugins/acl/lang/vi/lang.php +++ b/lib/plugins/acl/lang/vi/lang.php @@ -1,44 +1,35 @@ <?php + /** - * vietnamese language file - * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) - * @author NukeViet <admin@nukeviet.vn> + * + * @author NukeViet <admin@nukeviet.vn> */ - -$lang['admin_acl'] = 'Quản lý danh sách quyền truy cập'; -$lang['acl_group'] = 'Nhóm'; -$lang['acl_user'] = 'Thành viên'; -$lang['acl_perms'] = 'Cấp phép cho'; -$lang['page'] = 'Trang'; -$lang['namespace'] = 'Thư mục'; - -$lang['btn_select'] = 'Chọn'; - -$lang['p_user_id'] = 'Thành viên <b class="acluser">%s</b> hiện tại được cấp phép cho trang <b class="aclpage">%s</b>: <i>%s</i>.'; -$lang['p_user_ns'] = 'Thành viên <b class="acluser">%s</b> hiện tại được cấp phép cho thư mục <b class="aclns">%s</b>: <i>%s</i>.'; -$lang['p_group_id'] = 'Thành viên trong nhóm <b class="aclgroup">%s</b> hiện tại được cấp phép cho trang <b class="aclpage">%s</b>: <i>%s</i>.'; -$lang['p_group_ns'] = 'Thành viên trong nhóm <b class="aclgroup">%s</b> hiện tại được cấp phép cho thư mục <b class="aclns">%s</b>: <i>%s</i>.'; - -$lang['p_choose_id'] = 'Hãy <b>nhập tên thành viên hoặc nhóm</b> vào ô trên đây để xem hoặc sửa quyền đã thiết đặt cho trang <b class="aclpage">%s</b>.'; -$lang['p_choose_ns'] = 'Hãy <b>nhập tên thành viên hoặc nhóm</b> vào ô trên đây để xem hoặc sửa quyền đã thiết đặt cho thư mục <b class="aclns">%s</b>.'; - - -$lang['p_inherited'] = 'Ghi chú: Có những quyền không được thể hiện ở đây nhưng nó được cấp phép từ những nhóm hoặc thư mục cấp cao.'; -$lang['p_isadmin'] = 'Ghi chú: Nhóm hoặc thành viên này luôn được cấp đủ quyền vì họ là Quản trị tối cao'; -$lang['p_include'] = 'Một số quyền thấp được thể hiện ở mức cao hơn. Quyền tạo, tải lên và xóa chỉ dành cho thư mục, không dành cho trang.'; - -$lang['current'] = 'Danh sách quyền truy cập hiện tại'; -$lang['where'] = 'Trang/Thư mục'; -$lang['who'] = 'Thành viên/Nhóm'; -$lang['perm'] = 'Quyền'; - -$lang['acl_perm0'] = 'Không'; -$lang['acl_perm1'] = 'Đọc'; -$lang['acl_perm2'] = 'Sửa'; -$lang['acl_perm4'] = 'Tạo'; -$lang['acl_perm8'] = 'Tải lên'; -$lang['acl_perm16'] = 'Xóa'; -$lang['acl_new'] = 'Thêm mục mới'; -$lang['acl_mod'] = 'Sửa'; -//Setup VIM: ex: et ts=2 : +$lang['admin_acl'] = 'Quản lý danh sách quyền truy cập'; +$lang['acl_group'] = 'Nhóm'; +$lang['acl_user'] = 'Thành viên'; +$lang['acl_perms'] = 'Cấp phép cho'; +$lang['page'] = 'Trang'; +$lang['namespace'] = 'Thư mục'; +$lang['btn_select'] = 'Chọn'; +$lang['p_user_id'] = 'Thành viên <b class="acluser">%s</b> hiện tại được cấp phép cho trang <b class="aclpage">%s</b>: <i>%s</i>.'; +$lang['p_user_ns'] = 'Thành viên <b class="acluser">%s</b> hiện tại được cấp phép cho thư mục <b class="aclns">%s</b>: <i>%s</i>.'; +$lang['p_group_id'] = 'Thành viên trong nhóm <b class="aclgroup">%s</b> hiện tại được cấp phép cho trang <b class="aclpage">%s</b>: <i>%s</i>.'; +$lang['p_group_ns'] = 'Thành viên trong nhóm <b class="aclgroup">%s</b> hiện tại được cấp phép cho thư mục <b class="aclns">%s</b>: <i>%s</i>.'; +$lang['p_choose_id'] = 'Hãy <b>nhập tên thành viên hoặc nhóm</b> vào ô trên đây để xem hoặc sửa quyền đã thiết đặt cho trang <b class="aclpage">%s</b>.'; +$lang['p_choose_ns'] = 'Hãy <b>nhập tên thành viên hoặc nhóm</b> vào ô trên đây để xem hoặc sửa quyền đã thiết đặt cho thư mục <b class="aclns">%s</b>.'; +$lang['p_inherited'] = 'Ghi chú: Có những quyền không được thể hiện ở đây nhưng nó được cấp phép từ những nhóm hoặc thư mục cấp cao.'; +$lang['p_isadmin'] = 'Ghi chú: Nhóm hoặc thành viên này luôn được cấp đủ quyền vì họ là Quản trị tối cao'; +$lang['p_include'] = 'Một số quyền thấp được thể hiện ở mức cao hơn. Quyền tạo, tải lên và xóa chỉ dành cho thư mục, không dành cho trang.'; +$lang['current'] = 'Danh sách quyền truy cập hiện tại'; +$lang['where'] = 'Trang/Thư mục'; +$lang['who'] = 'Thành viên/Nhóm'; +$lang['perm'] = 'Quyền'; +$lang['acl_perm0'] = 'Không'; +$lang['acl_perm1'] = 'Đọc'; +$lang['acl_perm2'] = 'Sửa'; +$lang['acl_perm4'] = 'Tạo'; +$lang['acl_perm8'] = 'Tải lên'; +$lang['acl_perm16'] = 'Xóa'; +$lang['acl_new'] = 'Thêm mục mới'; +$lang['acl_mod'] = 'Sửa'; diff --git a/lib/plugins/authad/adLDAP/adLDAP.php b/lib/plugins/authad/adLDAP/adLDAP.php index a8f33b47e..c1f92abe2 100644 --- a/lib/plugins/authad/adLDAP/adLDAP.php +++ b/lib/plugins/authad/adLDAP/adLDAP.php @@ -1,951 +1,951 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 169 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-
-/**
-* Main adLDAP class
-*
-* Can be initialised using $adldap = new adLDAP();
-*
-* Something to keep in mind is that Active Directory is a permissions
-* based directory. If you bind as a domain user, you can't fetch as
-* much information on other users as you could as a domain admin.
-*
-* Before asking questions, please read the Documentation at
-* http://adldap.sourceforge.net/wiki/doku.php?id=api
-*/
-require_once(dirname(__FILE__) . '/collections/adLDAPCollection.php');
-require_once(dirname(__FILE__) . '/classes/adLDAPGroups.php');
-require_once(dirname(__FILE__) . '/classes/adLDAPUsers.php');
-require_once(dirname(__FILE__) . '/classes/adLDAPFolders.php');
-require_once(dirname(__FILE__) . '/classes/adLDAPUtils.php');
-require_once(dirname(__FILE__) . '/classes/adLDAPContacts.php');
-require_once(dirname(__FILE__) . '/classes/adLDAPExchange.php');
-require_once(dirname(__FILE__) . '/classes/adLDAPComputers.php');
-
-class adLDAP {
-
- /**
- * Define the different types of account in AD
- */
- const ADLDAP_NORMAL_ACCOUNT = 805306368;
- const ADLDAP_WORKSTATION_TRUST = 805306369;
- const ADLDAP_INTERDOMAIN_TRUST = 805306370;
- const ADLDAP_SECURITY_GLOBAL_GROUP = 268435456;
- const ADLDAP_DISTRIBUTION_GROUP = 268435457;
- const ADLDAP_SECURITY_LOCAL_GROUP = 536870912;
- const ADLDAP_DISTRIBUTION_LOCAL_GROUP = 536870913;
- const ADLDAP_FOLDER = 'OU';
- const ADLDAP_CONTAINER = 'CN';
-
- /**
- * The default port for LDAP non-SSL connections
- */
- const ADLDAP_LDAP_PORT = '389';
- /**
- * The default port for LDAPS SSL connections
- */
- const ADLDAP_LDAPS_PORT = '636';
-
- /**
- * The account suffix for your domain, can be set when the class is invoked
- *
- * @var string
- */
- protected $accountSuffix = "@mydomain.local";
-
- /**
- * The base dn for your domain
- *
- * If this is set to null then adLDAP will attempt to obtain this automatically from the rootDSE
- *
- * @var string
- */
- protected $baseDn = "DC=mydomain,DC=local";
-
- /**
- * Port used to talk to the domain controllers.
- *
- * @var int
- */
- protected $adPort = self::ADLDAP_LDAP_PORT;
-
- /**
- * Array of domain controllers. Specifiy multiple controllers if you
- * would like the class to balance the LDAP queries amongst multiple servers
- *
- * @var array
- */
- protected $domainControllers = array("dc01.mydomain.local");
-
- /**
- * Optional account with higher privileges for searching
- * This should be set to a domain admin account
- *
- * @var string
- * @var string
- */
- protected $adminUsername = NULL;
- protected $adminPassword = NULL;
-
- /**
- * AD does not return the primary group. http://support.microsoft.com/?kbid=321360
- * This tweak will resolve the real primary group.
- * Setting to false will fudge "Domain Users" and is much faster. Keep in mind though that if
- * someone's primary group is NOT domain users, this is obviously going to mess up the results
- *
- * @var bool
- */
- protected $realPrimaryGroup = true;
-
- /**
- * Use SSL (LDAPS), your server needs to be setup, please see
- * http://adldap.sourceforge.net/wiki/doku.php?id=ldap_over_ssl
- *
- * @var bool
- */
- protected $useSSL = false;
-
- /**
- * Use TLS
- * If you wish to use TLS you should ensure that $useSSL is set to false and vice-versa
- *
- * @var bool
- */
- protected $useTLS = false;
-
- /**
- * Use SSO
- * To indicate to adLDAP to reuse password set by the brower through NTLM or Kerberos
- *
- * @var bool
- */
- protected $useSSO = false;
-
- /**
- * When querying group memberships, do it recursively
- * eg. User Fred is a member of Group A, which is a member of Group B, which is a member of Group C
- * user_ingroup("Fred","C") will returns true with this option turned on, false if turned off
- *
- * @var bool
- */
- protected $recursiveGroups = true;
-
- // You should not need to edit anything below this line
- //******************************************************************************************
-
- /**
- * Connection and bind default variables
- *
- * @var mixed
- * @var mixed
- */
- protected $ldapConnection;
- protected $ldapBind;
-
- /**
- * Get the active LDAP Connection
- *
- * @return resource
- */
- public function getLdapConnection() {
- if ($this->ldapConnection) {
- return $this->ldapConnection;
- }
- return false;
- }
-
- /**
- * Get the bind status
- *
- * @return bool
- */
- public function getLdapBind() {
- return $this->ldapBind;
- }
-
- /**
- * Get the current base DN
- *
- * @return string
- */
- public function getBaseDn() {
- return $this->baseDn;
- }
-
- /**
- * The group class
- *
- * @var adLDAPGroups
- */
- protected $groupClass;
-
- /**
- * Get the group class interface
- *
- * @return adLDAPGroups
- */
- public function group() {
- if (!$this->groupClass) {
- $this->groupClass = new adLDAPGroups($this);
- }
- return $this->groupClass;
- }
-
- /**
- * The user class
- *
- * @var adLDAPUsers
- */
- protected $userClass;
-
- /**
- * Get the userclass interface
- *
- * @return adLDAPUsers
- */
- public function user() {
- if (!$this->userClass) {
- $this->userClass = new adLDAPUsers($this);
- }
- return $this->userClass;
- }
-
- /**
- * The folders class
- *
- * @var adLDAPFolders
- */
- protected $folderClass;
-
- /**
- * Get the folder class interface
- *
- * @return adLDAPFolders
- */
- public function folder() {
- if (!$this->folderClass) {
- $this->folderClass = new adLDAPFolders($this);
- }
- return $this->folderClass;
- }
-
- /**
- * The utils class
- *
- * @var adLDAPUtils
- */
- protected $utilClass;
-
- /**
- * Get the utils class interface
- *
- * @return adLDAPUtils
- */
- public function utilities() {
- if (!$this->utilClass) {
- $this->utilClass = new adLDAPUtils($this);
- }
- return $this->utilClass;
- }
-
- /**
- * The contacts class
- *
- * @var adLDAPContacts
- */
- protected $contactClass;
-
- /**
- * Get the contacts class interface
- *
- * @return adLDAPContacts
- */
- public function contact() {
- if (!$this->contactClass) {
- $this->contactClass = new adLDAPContacts($this);
- }
- return $this->contactClass;
- }
-
- /**
- * The exchange class
- *
- * @var adLDAPExchange
- */
- protected $exchangeClass;
-
- /**
- * Get the exchange class interface
- *
- * @return adLDAPExchange
- */
- public function exchange() {
- if (!$this->exchangeClass) {
- $this->exchangeClass = new adLDAPExchange($this);
- }
- return $this->exchangeClass;
- }
-
- /**
- * The computers class
- *
- * @var adLDAPComputers
- */
- protected $computersClass;
-
- /**
- * Get the computers class interface
- *
- * @return adLDAPComputers
- */
- public function computer() {
- if (!$this->computerClass) {
- $this->computerClass = new adLDAPComputers($this);
- }
- return $this->computerClass;
- }
-
- /**
- * Getters and Setters
- */
-
- /**
- * Set the account suffix
- *
- * @param string $accountSuffix
- * @return void
- */
- public function setAccountSuffix($accountSuffix)
- {
- $this->accountSuffix = $accountSuffix;
- }
-
- /**
- * Get the account suffix
- *
- * @return string
- */
- public function getAccountSuffix()
- {
- return $this->accountSuffix;
- }
-
- /**
- * Set the domain controllers array
- *
- * @param array $domainControllers
- * @return void
- */
- public function setDomainControllers(array $domainControllers)
- {
- $this->domainControllers = $domainControllers;
- }
-
- /**
- * Get the list of domain controllers
- *
- * @return void
- */
- public function getDomainControllers()
- {
- return $this->domainControllers;
- }
-
- /**
- * Sets the port number your domain controller communicates over
- *
- * @param int $adPort
- */
- public function setPort($adPort)
- {
- $this->adPort = $adPort;
- }
-
- /**
- * Gets the port number your domain controller communicates over
- *
- * @return int
- */
- public function getPort()
- {
- return $this->adPort;
- }
-
- /**
- * Set the username of an account with higher priviledges
- *
- * @param string $adminUsername
- * @return void
- */
- public function setAdminUsername($adminUsername)
- {
- $this->adminUsername = $adminUsername;
- }
-
- /**
- * Get the username of the account with higher priviledges
- *
- * This will throw an exception for security reasons
- */
- public function getAdminUsername()
- {
- throw new adLDAPException('For security reasons you cannot access the domain administrator account details');
- }
-
- /**
- * Set the password of an account with higher priviledges
- *
- * @param string $adminPassword
- * @return void
- */
- public function setAdminPassword($adminPassword)
- {
- $this->adminPassword = $adminPassword;
- }
-
- /**
- * Get the password of the account with higher priviledges
- *
- * This will throw an exception for security reasons
- */
- public function getAdminPassword()
- {
- throw new adLDAPException('For security reasons you cannot access the domain administrator account details');
- }
-
- /**
- * Set whether to detect the true primary group
- *
- * @param bool $realPrimaryGroup
- * @return void
- */
- public function setRealPrimaryGroup($realPrimaryGroup)
- {
- $this->realPrimaryGroup = $realPrimaryGroup;
- }
-
- /**
- * Get the real primary group setting
- *
- * @return bool
- */
- public function getRealPrimaryGroup()
- {
- return $this->realPrimaryGroup;
- }
-
- /**
- * Set whether to use SSL
- *
- * @param bool $useSSL
- * @return void
- */
- public function setUseSSL($useSSL)
- {
- $this->useSSL = $useSSL;
- // Set the default port correctly
- if($this->useSSL) {
- $this->setPort(self::ADLDAP_LDAPS_PORT);
- }
- else {
- $this->setPort(self::ADLDAP_LDAP_PORT);
- }
- }
-
- /**
- * Get the SSL setting
- *
- * @return bool
- */
- public function getUseSSL()
- {
- return $this->useSSL;
- }
-
- /**
- * Set whether to use TLS
- *
- * @param bool $useTLS
- * @return void
- */
- public function setUseTLS($useTLS)
- {
- $this->useTLS = $useTLS;
- }
-
- /**
- * Get the TLS setting
- *
- * @return bool
- */
- public function getUseTLS()
- {
- return $this->useTLS;
- }
-
- /**
- * Set whether to use SSO
- * Requires ldap_sasl_bind support. Be sure --with-ldap-sasl is used when configuring PHP otherwise this function will be undefined.
- *
- * @param bool $useSSO
- * @return void
- */
- public function setUseSSO($useSSO)
- {
- if ($useSSO === true && !$this->ldapSaslSupported()) {
- throw new adLDAPException('No LDAP SASL support for PHP. See: http://www.php.net/ldap_sasl_bind');
- }
- $this->useSSO = $useSSO;
- }
-
- /**
- * Get the SSO setting
- *
- * @return bool
- */
- public function getUseSSO()
- {
- return $this->useSSO;
- }
-
- /**
- * Set whether to lookup recursive groups
- *
- * @param bool $recursiveGroups
- * @return void
- */
- public function setRecursiveGroups($recursiveGroups)
- {
- $this->recursiveGroups = $recursiveGroups;
- }
-
- /**
- * Get the recursive groups setting
- *
- * @return bool
- */
- public function getRecursiveGroups()
- {
- return $this->recursiveGroups;
- }
-
- /**
- * Default Constructor
- *
- * Tries to bind to the AD domain over LDAP or LDAPs
- *
- * @param array $options Array of options to pass to the constructor
- * @throws Exception - if unable to bind to Domain Controller
- * @return bool
- */
- function __construct($options = array()) {
- // You can specifically overide any of the default configuration options setup above
- if (count($options) > 0) {
- if (array_key_exists("account_suffix",$options)){ $this->accountSuffix = $options["account_suffix"]; }
- if (array_key_exists("base_dn",$options)){ $this->baseDn = $options["base_dn"]; }
- if (array_key_exists("domain_controllers",$options)){
- if (!is_array($options["domain_controllers"])) {
- throw new adLDAPException('[domain_controllers] option must be an array');
- }
- $this->domainControllers = $options["domain_controllers"];
- }
- if (array_key_exists("admin_username",$options)){ $this->adminUsername = $options["admin_username"]; }
- if (array_key_exists("admin_password",$options)){ $this->adminPassword = $options["admin_password"]; }
- if (array_key_exists("real_primarygroup",$options)){ $this->realPrimaryGroup = $options["real_primarygroup"]; }
- if (array_key_exists("use_ssl",$options)){ $this->setUseSSL($options["use_ssl"]); }
- if (array_key_exists("use_tls",$options)){ $this->useTLS = $options["use_tls"]; }
- if (array_key_exists("recursive_groups",$options)){ $this->recursiveGroups = $options["recursive_groups"]; }
- if (array_key_exists("ad_port",$options)){ $this->setPort($options["ad_port"]); }
- if (array_key_exists("sso",$options)) {
- $this->setUseSSO($options["sso"]);
- if (!$this->ldapSaslSupported()) {
- $this->setUseSSO(false);
- }
- }
- }
-
- if ($this->ldapSupported() === false) {
- throw new adLDAPException('No LDAP support for PHP. See: http://www.php.net/ldap');
- }
-
- return $this->connect();
- }
-
- /**
- * Default Destructor
- *
- * Closes the LDAP connection
- *
- * @return void
- */
- function __destruct() {
- $this->close();
- }
-
- /**
- * Connects and Binds to the Domain Controller
- *
- * @return bool
- */
- public function connect()
- {
- // Connect to the AD/LDAP server as the username/password
- $domainController = $this->randomController();
- if ($this->useSSL) {
- $this->ldapConnection = ldap_connect("ldaps://" . $domainController, $this->adPort);
- } else {
- $this->ldapConnection = ldap_connect($domainController, $this->adPort);
- }
-
- // Set some ldap options for talking to AD
- ldap_set_option($this->ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
- ldap_set_option($this->ldapConnection, LDAP_OPT_REFERRALS, 0);
-
- if ($this->useTLS) {
- ldap_start_tls($this->ldapConnection);
- }
-
- // Bind as a domain admin if they've set it up
- if ($this->adminUsername !== NULL && $this->adminPassword !== NULL) {
- $this->ldapBind = @ldap_bind($this->ldapConnection, $this->adminUsername . $this->accountSuffix, $this->adminPassword);
- if (!$this->ldapBind) {
- if ($this->useSSL && !$this->useTLS) {
- // If you have problems troubleshooting, remove the @ character from the ldapldapBind command above to get the actual error message
- throw new adLDAPException('Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $this->getLastError());
- }
- else {
- throw new adLDAPException('Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $this->getLastError());
- }
- }
- }
- if ($this->useSSO && $_SERVER['REMOTE_USER'] && $this->adminUsername === null && $_SERVER['KRB5CCNAME']) {
- putenv("KRB5CCNAME=" . $_SERVER['KRB5CCNAME']);
- $this->ldapBind = @ldap_sasl_bind($this->ldapConnection, NULL, NULL, "GSSAPI");
- if (!$this->ldapBind){
- throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError());
- }
- else {
- return true;
- }
- }
-
-
- if ($this->baseDn == NULL) {
- $this->baseDn = $this->findBaseDn();
- }
-
- return true;
- }
-
- /**
- * Closes the LDAP connection
- *
- * @return void
- */
- public function close() {
- if ($this->ldapConnection) {
- @ldap_close($this->ldapConnection);
- }
- }
-
- /**
- * Validate a user's login credentials
- *
- * @param string $username A user's AD username
- * @param string $password A user's AD password
- * @param bool optional $preventRebind
- * @return bool
- */
- public function authenticate($username, $password, $preventRebind = false) {
- // Prevent null binding
- if ($username === NULL || $password === NULL) { return false; }
- if (empty($username) || empty($password)) { return false; }
-
- // Allow binding over SSO for Kerberos
- if ($this->useSSO && $_SERVER['REMOTE_USER'] && $_SERVER['REMOTE_USER'] == $username && $this->adminUsername === NULL && $_SERVER['KRB5CCNAME']) {
- putenv("KRB5CCNAME=" . $_SERVER['KRB5CCNAME']);
- $this->ldapBind = @ldap_sasl_bind($this->ldapConnection, NULL, NULL, "GSSAPI");
- if (!$this->ldapBind) {
- throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError());
- }
- else {
- return true;
- }
- }
-
- // Bind as the user
- $ret = true;
- $this->ldapBind = @ldap_bind($this->ldapConnection, $username . $this->accountSuffix, $password);
- if (!$this->ldapBind){
- $ret = false;
- }
-
- // Cnce we've checked their details, kick back into admin mode if we have it
- if ($this->adminUsername !== NULL && !$preventRebind) {
- $this->ldapBind = @ldap_bind($this->ldapConnection, $this->adminUsername . $this->accountSuffix , $this->adminPassword);
- if (!$this->ldapBind){
- // This should never happen in theory
- throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError());
- }
- }
-
- return $ret;
- }
-
- /**
- * Find the Base DN of your domain controller
- *
- * @return string
- */
- public function findBaseDn()
- {
- $namingContext = $this->getRootDse(array('defaultnamingcontext'));
- return $namingContext[0]['defaultnamingcontext'][0];
- }
-
- /**
- * Get the RootDSE properties from a domain controller
- *
- * @param array $attributes The attributes you wish to query e.g. defaultnamingcontext
- * @return array
- */
- public function getRootDse($attributes = array("*", "+")) {
- if (!$this->ldapBind){ return (false); }
-
- $sr = @ldap_read($this->ldapConnection, NULL, 'objectClass=*', $attributes);
- $entries = @ldap_get_entries($this->ldapConnection, $sr);
- return $entries;
- }
-
- /**
- * Get last error from Active Directory
- *
- * This function gets the last message from Active Directory
- * This may indeed be a 'Success' message but if you get an unknown error
- * it might be worth calling this function to see what errors were raised
- *
- * return string
- */
- public function getLastError() {
- return @ldap_error($this->ldapConnection);
- }
-
- /**
- * Detect LDAP support in php
- *
- * @return bool
- */
- protected function ldapSupported()
- {
- if (!function_exists('ldap_connect')) {
- return false;
- }
- return true;
- }
-
- /**
- * Detect ldap_sasl_bind support in PHP
- *
- * @return bool
- */
- protected function ldapSaslSupported()
- {
- if (!function_exists('ldap_sasl_bind')) {
- return false;
- }
- return true;
- }
-
- /**
- * Schema
- *
- * @param array $attributes Attributes to be queried
- * @return array
- */
- public function adldap_schema($attributes){
-
- // LDAP doesn't like NULL attributes, only set them if they have values
- // If you wish to remove an attribute you should set it to a space
- // TO DO: Adapt user_modify to use ldap_mod_delete to remove a NULL attribute
- $mod=array();
-
- // Check every attribute to see if it contains 8bit characters and then UTF8 encode them
- array_walk($attributes, array($this, 'encode8bit'));
-
- if ($attributes["address_city"]){ $mod["l"][0]=$attributes["address_city"]; }
- if ($attributes["address_code"]){ $mod["postalCode"][0]=$attributes["address_code"]; }
- //if ($attributes["address_country"]){ $mod["countryCode"][0]=$attributes["address_country"]; } // use country codes?
- if ($attributes["address_country"]){ $mod["c"][0]=$attributes["address_country"]; }
- if ($attributes["address_pobox"]){ $mod["postOfficeBox"][0]=$attributes["address_pobox"]; }
- if ($attributes["address_state"]){ $mod["st"][0]=$attributes["address_state"]; }
- if ($attributes["address_street"]){ $mod["streetAddress"][0]=$attributes["address_street"]; }
- if ($attributes["company"]){ $mod["company"][0]=$attributes["company"]; }
- if ($attributes["change_password"]){ $mod["pwdLastSet"][0]=0; }
- if ($attributes["department"]){ $mod["department"][0]=$attributes["department"]; }
- if ($attributes["description"]){ $mod["description"][0]=$attributes["description"]; }
- if ($attributes["display_name"]){ $mod["displayName"][0]=$attributes["display_name"]; }
- if ($attributes["email"]){ $mod["mail"][0]=$attributes["email"]; }
- if ($attributes["expires"]){ $mod["accountExpires"][0]=$attributes["expires"]; } //unix epoch format?
- if ($attributes["firstname"]){ $mod["givenName"][0]=$attributes["firstname"]; }
- if ($attributes["home_directory"]){ $mod["homeDirectory"][0]=$attributes["home_directory"]; }
- if ($attributes["home_drive"]){ $mod["homeDrive"][0]=$attributes["home_drive"]; }
- if ($attributes["initials"]){ $mod["initials"][0]=$attributes["initials"]; }
- if ($attributes["logon_name"]){ $mod["userPrincipalName"][0]=$attributes["logon_name"]; }
- if ($attributes["manager"]){ $mod["manager"][0]=$attributes["manager"]; } //UNTESTED ***Use DistinguishedName***
- if ($attributes["office"]){ $mod["physicalDeliveryOfficeName"][0]=$attributes["office"]; }
- if ($attributes["password"]){ $mod["unicodePwd"][0]=$this->user()->encodePassword($attributes["password"]); }
- if ($attributes["profile_path"]){ $mod["profilepath"][0]=$attributes["profile_path"]; }
- if ($attributes["script_path"]){ $mod["scriptPath"][0]=$attributes["script_path"]; }
- if ($attributes["surname"]){ $mod["sn"][0]=$attributes["surname"]; }
- if ($attributes["title"]){ $mod["title"][0]=$attributes["title"]; }
- if ($attributes["telephone"]){ $mod["telephoneNumber"][0]=$attributes["telephone"]; }
- if ($attributes["mobile"]){ $mod["mobile"][0]=$attributes["mobile"]; }
- if ($attributes["pager"]){ $mod["pager"][0]=$attributes["pager"]; }
- if ($attributes["ipphone"]){ $mod["ipphone"][0]=$attributes["ipphone"]; }
- if ($attributes["web_page"]){ $mod["wWWHomePage"][0]=$attributes["web_page"]; }
- if ($attributes["fax"]){ $mod["facsimileTelephoneNumber"][0]=$attributes["fax"]; }
- if ($attributes["enabled"]){ $mod["userAccountControl"][0]=$attributes["enabled"]; }
- if ($attributes["homephone"]){ $mod["homephone"][0]=$attributes["homephone"]; }
-
- // Distribution List specific schema
- if ($attributes["group_sendpermission"]){ $mod["dlMemSubmitPerms"][0]=$attributes["group_sendpermission"]; }
- if ($attributes["group_rejectpermission"]){ $mod["dlMemRejectPerms"][0]=$attributes["group_rejectpermission"]; }
-
- // Exchange Schema
- if ($attributes["exchange_homemdb"]){ $mod["homeMDB"][0]=$attributes["exchange_homemdb"]; }
- if ($attributes["exchange_mailnickname"]){ $mod["mailNickname"][0]=$attributes["exchange_mailnickname"]; }
- if ($attributes["exchange_proxyaddress"]){ $mod["proxyAddresses"][0]=$attributes["exchange_proxyaddress"]; }
- if ($attributes["exchange_usedefaults"]){ $mod["mDBUseDefaults"][0]=$attributes["exchange_usedefaults"]; }
- if ($attributes["exchange_policyexclude"]){ $mod["msExchPoliciesExcluded"][0]=$attributes["exchange_policyexclude"]; }
- if ($attributes["exchange_policyinclude"]){ $mod["msExchPoliciesIncluded"][0]=$attributes["exchange_policyinclude"]; }
- if ($attributes["exchange_addressbook"]){ $mod["showInAddressBook"][0]=$attributes["exchange_addressbook"]; }
- if ($attributes["exchange_altrecipient"]){ $mod["altRecipient"][0]=$attributes["exchange_altrecipient"]; }
- if ($attributes["exchange_deliverandredirect"]){ $mod["deliverAndRedirect"][0]=$attributes["exchange_deliverandredirect"]; }
-
- // This schema is designed for contacts
- if ($attributes["exchange_hidefromlists"]){ $mod["msExchHideFromAddressLists"][0]=$attributes["exchange_hidefromlists"]; }
- if ($attributes["contact_email"]){ $mod["targetAddress"][0]=$attributes["contact_email"]; }
-
- //echo ("<pre>"); print_r($mod);
- /*
- // modifying a name is a bit fiddly
- if ($attributes["firstname"] && $attributes["surname"]){
- $mod["cn"][0]=$attributes["firstname"]." ".$attributes["surname"];
- $mod["displayname"][0]=$attributes["firstname"]." ".$attributes["surname"];
- $mod["name"][0]=$attributes["firstname"]." ".$attributes["surname"];
- }
- */
-
- if (count($mod)==0){ return (false); }
- return ($mod);
- }
-
- /**
- * Convert 8bit characters e.g. accented characters to UTF8 encoded characters
- */
- protected function encode8Bit(&$item, $key) {
- $encode = false;
- if (is_string($item)) {
- for ($i=0; $i<strlen($item); $i++) {
- if (ord($item[$i]) >> 7) {
- $encode = true;
- }
- }
- }
- if ($encode === true && $key != 'password') {
- $item = utf8_encode($item);
- }
- }
-
- /**
- * Select a random domain controller from your domain controller array
- *
- * @return string
- */
- protected function randomController()
- {
- mt_srand(doubleval(microtime()) * 100000000); // For older PHP versions
- /*if (sizeof($this->domainControllers) > 1) {
- $adController = $this->domainControllers[array_rand($this->domainControllers)];
- // Test if the controller is responding to pings
- $ping = $this->pingController($adController);
- if ($ping === false) {
- // Find the current key in the domain controllers array
- $key = array_search($adController, $this->domainControllers);
- // Remove it so that we don't end up in a recursive loop
- unset($this->domainControllers[$key]);
- // Select a new controller
- return $this->randomController();
- }
- else {
- return ($adController);
- }
- } */
- return $this->domainControllers[array_rand($this->domainControllers)];
- }
-
- /**
- * Test basic connectivity to controller
- *
- * @return bool
- */
- protected function pingController($host) {
- $port = $this->adPort;
- fsockopen($host, $port, $errno, $errstr, 10);
- if ($errno > 0) {
- return false;
- }
- return true;
- }
-
-}
-
-/**
-* adLDAP Exception Handler
-*
-* Exceptions of this type are thrown on bind failure or when SSL is required but not configured
-* Example:
-* try {
-* $adldap = new adLDAP();
-* }
-* catch (adLDAPException $e) {
-* echo $e;
-* exit();
-* }
-*/
-class adLDAPException extends Exception {}
-
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 169 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ + +/** +* Main adLDAP class +* +* Can be initialised using $adldap = new adLDAP(); +* +* Something to keep in mind is that Active Directory is a permissions +* based directory. If you bind as a domain user, you can't fetch as +* much information on other users as you could as a domain admin. +* +* Before asking questions, please read the Documentation at +* http://adldap.sourceforge.net/wiki/doku.php?id=api +*/ +require_once(dirname(__FILE__) . '/collections/adLDAPCollection.php'); +require_once(dirname(__FILE__) . '/classes/adLDAPGroups.php'); +require_once(dirname(__FILE__) . '/classes/adLDAPUsers.php'); +require_once(dirname(__FILE__) . '/classes/adLDAPFolders.php'); +require_once(dirname(__FILE__) . '/classes/adLDAPUtils.php'); +require_once(dirname(__FILE__) . '/classes/adLDAPContacts.php'); +require_once(dirname(__FILE__) . '/classes/adLDAPExchange.php'); +require_once(dirname(__FILE__) . '/classes/adLDAPComputers.php'); + +class adLDAP { + + /** + * Define the different types of account in AD + */ + const ADLDAP_NORMAL_ACCOUNT = 805306368; + const ADLDAP_WORKSTATION_TRUST = 805306369; + const ADLDAP_INTERDOMAIN_TRUST = 805306370; + const ADLDAP_SECURITY_GLOBAL_GROUP = 268435456; + const ADLDAP_DISTRIBUTION_GROUP = 268435457; + const ADLDAP_SECURITY_LOCAL_GROUP = 536870912; + const ADLDAP_DISTRIBUTION_LOCAL_GROUP = 536870913; + const ADLDAP_FOLDER = 'OU'; + const ADLDAP_CONTAINER = 'CN'; + + /** + * The default port for LDAP non-SSL connections + */ + const ADLDAP_LDAP_PORT = '389'; + /** + * The default port for LDAPS SSL connections + */ + const ADLDAP_LDAPS_PORT = '636'; + + /** + * The account suffix for your domain, can be set when the class is invoked + * + * @var string + */ + protected $accountSuffix = "@mydomain.local"; + + /** + * The base dn for your domain + * + * If this is set to null then adLDAP will attempt to obtain this automatically from the rootDSE + * + * @var string + */ + protected $baseDn = "DC=mydomain,DC=local"; + + /** + * Port used to talk to the domain controllers. + * + * @var int + */ + protected $adPort = self::ADLDAP_LDAP_PORT; + + /** + * Array of domain controllers. Specifiy multiple controllers if you + * would like the class to balance the LDAP queries amongst multiple servers + * + * @var array + */ + protected $domainControllers = array("dc01.mydomain.local"); + + /** + * Optional account with higher privileges for searching + * This should be set to a domain admin account + * + * @var string + * @var string + */ + protected $adminUsername = NULL; + protected $adminPassword = NULL; + + /** + * AD does not return the primary group. http://support.microsoft.com/?kbid=321360 + * This tweak will resolve the real primary group. + * Setting to false will fudge "Domain Users" and is much faster. Keep in mind though that if + * someone's primary group is NOT domain users, this is obviously going to mess up the results + * + * @var bool + */ + protected $realPrimaryGroup = true; + + /** + * Use SSL (LDAPS), your server needs to be setup, please see + * http://adldap.sourceforge.net/wiki/doku.php?id=ldap_over_ssl + * + * @var bool + */ + protected $useSSL = false; + + /** + * Use TLS + * If you wish to use TLS you should ensure that $useSSL is set to false and vice-versa + * + * @var bool + */ + protected $useTLS = false; + + /** + * Use SSO + * To indicate to adLDAP to reuse password set by the brower through NTLM or Kerberos + * + * @var bool + */ + protected $useSSO = false; + + /** + * When querying group memberships, do it recursively + * eg. User Fred is a member of Group A, which is a member of Group B, which is a member of Group C + * user_ingroup("Fred","C") will returns true with this option turned on, false if turned off + * + * @var bool + */ + protected $recursiveGroups = true; + + // You should not need to edit anything below this line + //****************************************************************************************** + + /** + * Connection and bind default variables + * + * @var mixed + * @var mixed + */ + protected $ldapConnection; + protected $ldapBind; + + /** + * Get the active LDAP Connection + * + * @return resource + */ + public function getLdapConnection() { + if ($this->ldapConnection) { + return $this->ldapConnection; + } + return false; + } + + /** + * Get the bind status + * + * @return bool + */ + public function getLdapBind() { + return $this->ldapBind; + } + + /** + * Get the current base DN + * + * @return string + */ + public function getBaseDn() { + return $this->baseDn; + } + + /** + * The group class + * + * @var adLDAPGroups + */ + protected $groupClass; + + /** + * Get the group class interface + * + * @return adLDAPGroups + */ + public function group() { + if (!$this->groupClass) { + $this->groupClass = new adLDAPGroups($this); + } + return $this->groupClass; + } + + /** + * The user class + * + * @var adLDAPUsers + */ + protected $userClass; + + /** + * Get the userclass interface + * + * @return adLDAPUsers + */ + public function user() { + if (!$this->userClass) { + $this->userClass = new adLDAPUsers($this); + } + return $this->userClass; + } + + /** + * The folders class + * + * @var adLDAPFolders + */ + protected $folderClass; + + /** + * Get the folder class interface + * + * @return adLDAPFolders + */ + public function folder() { + if (!$this->folderClass) { + $this->folderClass = new adLDAPFolders($this); + } + return $this->folderClass; + } + + /** + * The utils class + * + * @var adLDAPUtils + */ + protected $utilClass; + + /** + * Get the utils class interface + * + * @return adLDAPUtils + */ + public function utilities() { + if (!$this->utilClass) { + $this->utilClass = new adLDAPUtils($this); + } + return $this->utilClass; + } + + /** + * The contacts class + * + * @var adLDAPContacts + */ + protected $contactClass; + + /** + * Get the contacts class interface + * + * @return adLDAPContacts + */ + public function contact() { + if (!$this->contactClass) { + $this->contactClass = new adLDAPContacts($this); + } + return $this->contactClass; + } + + /** + * The exchange class + * + * @var adLDAPExchange + */ + protected $exchangeClass; + + /** + * Get the exchange class interface + * + * @return adLDAPExchange + */ + public function exchange() { + if (!$this->exchangeClass) { + $this->exchangeClass = new adLDAPExchange($this); + } + return $this->exchangeClass; + } + + /** + * The computers class + * + * @var adLDAPComputers + */ + protected $computersClass; + + /** + * Get the computers class interface + * + * @return adLDAPComputers + */ + public function computer() { + if (!$this->computerClass) { + $this->computerClass = new adLDAPComputers($this); + } + return $this->computerClass; + } + + /** + * Getters and Setters + */ + + /** + * Set the account suffix + * + * @param string $accountSuffix + * @return void + */ + public function setAccountSuffix($accountSuffix) + { + $this->accountSuffix = $accountSuffix; + } + + /** + * Get the account suffix + * + * @return string + */ + public function getAccountSuffix() + { + return $this->accountSuffix; + } + + /** + * Set the domain controllers array + * + * @param array $domainControllers + * @return void + */ + public function setDomainControllers(array $domainControllers) + { + $this->domainControllers = $domainControllers; + } + + /** + * Get the list of domain controllers + * + * @return void + */ + public function getDomainControllers() + { + return $this->domainControllers; + } + + /** + * Sets the port number your domain controller communicates over + * + * @param int $adPort + */ + public function setPort($adPort) + { + $this->adPort = $adPort; + } + + /** + * Gets the port number your domain controller communicates over + * + * @return int + */ + public function getPort() + { + return $this->adPort; + } + + /** + * Set the username of an account with higher priviledges + * + * @param string $adminUsername + * @return void + */ + public function setAdminUsername($adminUsername) + { + $this->adminUsername = $adminUsername; + } + + /** + * Get the username of the account with higher priviledges + * + * This will throw an exception for security reasons + */ + public function getAdminUsername() + { + throw new adLDAPException('For security reasons you cannot access the domain administrator account details'); + } + + /** + * Set the password of an account with higher priviledges + * + * @param string $adminPassword + * @return void + */ + public function setAdminPassword($adminPassword) + { + $this->adminPassword = $adminPassword; + } + + /** + * Get the password of the account with higher priviledges + * + * This will throw an exception for security reasons + */ + public function getAdminPassword() + { + throw new adLDAPException('For security reasons you cannot access the domain administrator account details'); + } + + /** + * Set whether to detect the true primary group + * + * @param bool $realPrimaryGroup + * @return void + */ + public function setRealPrimaryGroup($realPrimaryGroup) + { + $this->realPrimaryGroup = $realPrimaryGroup; + } + + /** + * Get the real primary group setting + * + * @return bool + */ + public function getRealPrimaryGroup() + { + return $this->realPrimaryGroup; + } + + /** + * Set whether to use SSL + * + * @param bool $useSSL + * @return void + */ + public function setUseSSL($useSSL) + { + $this->useSSL = $useSSL; + // Set the default port correctly + if($this->useSSL) { + $this->setPort(self::ADLDAP_LDAPS_PORT); + } + else { + $this->setPort(self::ADLDAP_LDAP_PORT); + } + } + + /** + * Get the SSL setting + * + * @return bool + */ + public function getUseSSL() + { + return $this->useSSL; + } + + /** + * Set whether to use TLS + * + * @param bool $useTLS + * @return void + */ + public function setUseTLS($useTLS) + { + $this->useTLS = $useTLS; + } + + /** + * Get the TLS setting + * + * @return bool + */ + public function getUseTLS() + { + return $this->useTLS; + } + + /** + * Set whether to use SSO + * Requires ldap_sasl_bind support. Be sure --with-ldap-sasl is used when configuring PHP otherwise this function will be undefined. + * + * @param bool $useSSO + * @return void + */ + public function setUseSSO($useSSO) + { + if ($useSSO === true && !$this->ldapSaslSupported()) { + throw new adLDAPException('No LDAP SASL support for PHP. See: http://www.php.net/ldap_sasl_bind'); + } + $this->useSSO = $useSSO; + } + + /** + * Get the SSO setting + * + * @return bool + */ + public function getUseSSO() + { + return $this->useSSO; + } + + /** + * Set whether to lookup recursive groups + * + * @param bool $recursiveGroups + * @return void + */ + public function setRecursiveGroups($recursiveGroups) + { + $this->recursiveGroups = $recursiveGroups; + } + + /** + * Get the recursive groups setting + * + * @return bool + */ + public function getRecursiveGroups() + { + return $this->recursiveGroups; + } + + /** + * Default Constructor + * + * Tries to bind to the AD domain over LDAP or LDAPs + * + * @param array $options Array of options to pass to the constructor + * @throws Exception - if unable to bind to Domain Controller + * @return bool + */ + function __construct($options = array()) { + // You can specifically overide any of the default configuration options setup above + if (count($options) > 0) { + if (array_key_exists("account_suffix",$options)){ $this->accountSuffix = $options["account_suffix"]; } + if (array_key_exists("base_dn",$options)){ $this->baseDn = $options["base_dn"]; } + if (array_key_exists("domain_controllers",$options)){ + if (!is_array($options["domain_controllers"])) { + throw new adLDAPException('[domain_controllers] option must be an array'); + } + $this->domainControllers = $options["domain_controllers"]; + } + if (array_key_exists("admin_username",$options)){ $this->adminUsername = $options["admin_username"]; } + if (array_key_exists("admin_password",$options)){ $this->adminPassword = $options["admin_password"]; } + if (array_key_exists("real_primarygroup",$options)){ $this->realPrimaryGroup = $options["real_primarygroup"]; } + if (array_key_exists("use_ssl",$options)){ $this->setUseSSL($options["use_ssl"]); } + if (array_key_exists("use_tls",$options)){ $this->useTLS = $options["use_tls"]; } + if (array_key_exists("recursive_groups",$options)){ $this->recursiveGroups = $options["recursive_groups"]; } + if (array_key_exists("ad_port",$options)){ $this->setPort($options["ad_port"]); } + if (array_key_exists("sso",$options)) { + $this->setUseSSO($options["sso"]); + if (!$this->ldapSaslSupported()) { + $this->setUseSSO(false); + } + } + } + + if ($this->ldapSupported() === false) { + throw new adLDAPException('No LDAP support for PHP. See: http://www.php.net/ldap'); + } + + return $this->connect(); + } + + /** + * Default Destructor + * + * Closes the LDAP connection + * + * @return void + */ + function __destruct() { + $this->close(); + } + + /** + * Connects and Binds to the Domain Controller + * + * @return bool + */ + public function connect() + { + // Connect to the AD/LDAP server as the username/password + $domainController = $this->randomController(); + if ($this->useSSL) { + $this->ldapConnection = ldap_connect("ldaps://" . $domainController, $this->adPort); + } else { + $this->ldapConnection = ldap_connect($domainController, $this->adPort); + } + + // Set some ldap options for talking to AD + ldap_set_option($this->ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3); + ldap_set_option($this->ldapConnection, LDAP_OPT_REFERRALS, 0); + + if ($this->useTLS) { + ldap_start_tls($this->ldapConnection); + } + + // Bind as a domain admin if they've set it up + if ($this->adminUsername !== NULL && $this->adminPassword !== NULL) { + $this->ldapBind = @ldap_bind($this->ldapConnection, $this->adminUsername . $this->accountSuffix, $this->adminPassword); + if (!$this->ldapBind) { + if ($this->useSSL && !$this->useTLS) { + // If you have problems troubleshooting, remove the @ character from the ldapldapBind command above to get the actual error message + throw new adLDAPException('Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $this->getLastError()); + } + else { + throw new adLDAPException('Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $this->getLastError()); + } + } + } + if ($this->useSSO && $_SERVER['REMOTE_USER'] && $this->adminUsername === null && $_SERVER['KRB5CCNAME']) { + putenv("KRB5CCNAME=" . $_SERVER['KRB5CCNAME']); + $this->ldapBind = @ldap_sasl_bind($this->ldapConnection, NULL, NULL, "GSSAPI"); + if (!$this->ldapBind){ + throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError()); + } + else { + return true; + } + } + + + if ($this->baseDn == NULL) { + $this->baseDn = $this->findBaseDn(); + } + + return true; + } + + /** + * Closes the LDAP connection + * + * @return void + */ + public function close() { + if ($this->ldapConnection) { + @ldap_close($this->ldapConnection); + } + } + + /** + * Validate a user's login credentials + * + * @param string $username A user's AD username + * @param string $password A user's AD password + * @param bool optional $preventRebind + * @return bool + */ + public function authenticate($username, $password, $preventRebind = false) { + // Prevent null binding + if ($username === NULL || $password === NULL) { return false; } + if (empty($username) || empty($password)) { return false; } + + // Allow binding over SSO for Kerberos + if ($this->useSSO && $_SERVER['REMOTE_USER'] && $_SERVER['REMOTE_USER'] == $username && $this->adminUsername === NULL && $_SERVER['KRB5CCNAME']) { + putenv("KRB5CCNAME=" . $_SERVER['KRB5CCNAME']); + $this->ldapBind = @ldap_sasl_bind($this->ldapConnection, NULL, NULL, "GSSAPI"); + if (!$this->ldapBind) { + throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError()); + } + else { + return true; + } + } + + // Bind as the user + $ret = true; + $this->ldapBind = @ldap_bind($this->ldapConnection, $username . $this->accountSuffix, $password); + if (!$this->ldapBind){ + $ret = false; + } + + // Cnce we've checked their details, kick back into admin mode if we have it + if ($this->adminUsername !== NULL && !$preventRebind) { + $this->ldapBind = @ldap_bind($this->ldapConnection, $this->adminUsername . $this->accountSuffix , $this->adminPassword); + if (!$this->ldapBind){ + // This should never happen in theory + throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError()); + } + } + + return $ret; + } + + /** + * Find the Base DN of your domain controller + * + * @return string + */ + public function findBaseDn() + { + $namingContext = $this->getRootDse(array('defaultnamingcontext')); + return $namingContext[0]['defaultnamingcontext'][0]; + } + + /** + * Get the RootDSE properties from a domain controller + * + * @param array $attributes The attributes you wish to query e.g. defaultnamingcontext + * @return array + */ + public function getRootDse($attributes = array("*", "+")) { + if (!$this->ldapBind){ return (false); } + + $sr = @ldap_read($this->ldapConnection, NULL, 'objectClass=*', $attributes); + $entries = @ldap_get_entries($this->ldapConnection, $sr); + return $entries; + } + + /** + * Get last error from Active Directory + * + * This function gets the last message from Active Directory + * This may indeed be a 'Success' message but if you get an unknown error + * it might be worth calling this function to see what errors were raised + * + * return string + */ + public function getLastError() { + return @ldap_error($this->ldapConnection); + } + + /** + * Detect LDAP support in php + * + * @return bool + */ + protected function ldapSupported() + { + if (!function_exists('ldap_connect')) { + return false; + } + return true; + } + + /** + * Detect ldap_sasl_bind support in PHP + * + * @return bool + */ + protected function ldapSaslSupported() + { + if (!function_exists('ldap_sasl_bind')) { + return false; + } + return true; + } + + /** + * Schema + * + * @param array $attributes Attributes to be queried + * @return array + */ + public function adldap_schema($attributes){ + + // LDAP doesn't like NULL attributes, only set them if they have values + // If you wish to remove an attribute you should set it to a space + // TO DO: Adapt user_modify to use ldap_mod_delete to remove a NULL attribute + $mod=array(); + + // Check every attribute to see if it contains 8bit characters and then UTF8 encode them + array_walk($attributes, array($this, 'encode8bit')); + + if ($attributes["address_city"]){ $mod["l"][0]=$attributes["address_city"]; } + if ($attributes["address_code"]){ $mod["postalCode"][0]=$attributes["address_code"]; } + //if ($attributes["address_country"]){ $mod["countryCode"][0]=$attributes["address_country"]; } // use country codes? + if ($attributes["address_country"]){ $mod["c"][0]=$attributes["address_country"]; } + if ($attributes["address_pobox"]){ $mod["postOfficeBox"][0]=$attributes["address_pobox"]; } + if ($attributes["address_state"]){ $mod["st"][0]=$attributes["address_state"]; } + if ($attributes["address_street"]){ $mod["streetAddress"][0]=$attributes["address_street"]; } + if ($attributes["company"]){ $mod["company"][0]=$attributes["company"]; } + if ($attributes["change_password"]){ $mod["pwdLastSet"][0]=0; } + if ($attributes["department"]){ $mod["department"][0]=$attributes["department"]; } + if ($attributes["description"]){ $mod["description"][0]=$attributes["description"]; } + if ($attributes["display_name"]){ $mod["displayName"][0]=$attributes["display_name"]; } + if ($attributes["email"]){ $mod["mail"][0]=$attributes["email"]; } + if ($attributes["expires"]){ $mod["accountExpires"][0]=$attributes["expires"]; } //unix epoch format? + if ($attributes["firstname"]){ $mod["givenName"][0]=$attributes["firstname"]; } + if ($attributes["home_directory"]){ $mod["homeDirectory"][0]=$attributes["home_directory"]; } + if ($attributes["home_drive"]){ $mod["homeDrive"][0]=$attributes["home_drive"]; } + if ($attributes["initials"]){ $mod["initials"][0]=$attributes["initials"]; } + if ($attributes["logon_name"]){ $mod["userPrincipalName"][0]=$attributes["logon_name"]; } + if ($attributes["manager"]){ $mod["manager"][0]=$attributes["manager"]; } //UNTESTED ***Use DistinguishedName*** + if ($attributes["office"]){ $mod["physicalDeliveryOfficeName"][0]=$attributes["office"]; } + if ($attributes["password"]){ $mod["unicodePwd"][0]=$this->user()->encodePassword($attributes["password"]); } + if ($attributes["profile_path"]){ $mod["profilepath"][0]=$attributes["profile_path"]; } + if ($attributes["script_path"]){ $mod["scriptPath"][0]=$attributes["script_path"]; } + if ($attributes["surname"]){ $mod["sn"][0]=$attributes["surname"]; } + if ($attributes["title"]){ $mod["title"][0]=$attributes["title"]; } + if ($attributes["telephone"]){ $mod["telephoneNumber"][0]=$attributes["telephone"]; } + if ($attributes["mobile"]){ $mod["mobile"][0]=$attributes["mobile"]; } + if ($attributes["pager"]){ $mod["pager"][0]=$attributes["pager"]; } + if ($attributes["ipphone"]){ $mod["ipphone"][0]=$attributes["ipphone"]; } + if ($attributes["web_page"]){ $mod["wWWHomePage"][0]=$attributes["web_page"]; } + if ($attributes["fax"]){ $mod["facsimileTelephoneNumber"][0]=$attributes["fax"]; } + if ($attributes["enabled"]){ $mod["userAccountControl"][0]=$attributes["enabled"]; } + if ($attributes["homephone"]){ $mod["homephone"][0]=$attributes["homephone"]; } + + // Distribution List specific schema + if ($attributes["group_sendpermission"]){ $mod["dlMemSubmitPerms"][0]=$attributes["group_sendpermission"]; } + if ($attributes["group_rejectpermission"]){ $mod["dlMemRejectPerms"][0]=$attributes["group_rejectpermission"]; } + + // Exchange Schema + if ($attributes["exchange_homemdb"]){ $mod["homeMDB"][0]=$attributes["exchange_homemdb"]; } + if ($attributes["exchange_mailnickname"]){ $mod["mailNickname"][0]=$attributes["exchange_mailnickname"]; } + if ($attributes["exchange_proxyaddress"]){ $mod["proxyAddresses"][0]=$attributes["exchange_proxyaddress"]; } + if ($attributes["exchange_usedefaults"]){ $mod["mDBUseDefaults"][0]=$attributes["exchange_usedefaults"]; } + if ($attributes["exchange_policyexclude"]){ $mod["msExchPoliciesExcluded"][0]=$attributes["exchange_policyexclude"]; } + if ($attributes["exchange_policyinclude"]){ $mod["msExchPoliciesIncluded"][0]=$attributes["exchange_policyinclude"]; } + if ($attributes["exchange_addressbook"]){ $mod["showInAddressBook"][0]=$attributes["exchange_addressbook"]; } + if ($attributes["exchange_altrecipient"]){ $mod["altRecipient"][0]=$attributes["exchange_altrecipient"]; } + if ($attributes["exchange_deliverandredirect"]){ $mod["deliverAndRedirect"][0]=$attributes["exchange_deliverandredirect"]; } + + // This schema is designed for contacts + if ($attributes["exchange_hidefromlists"]){ $mod["msExchHideFromAddressLists"][0]=$attributes["exchange_hidefromlists"]; } + if ($attributes["contact_email"]){ $mod["targetAddress"][0]=$attributes["contact_email"]; } + + //echo ("<pre>"); print_r($mod); + /* + // modifying a name is a bit fiddly + if ($attributes["firstname"] && $attributes["surname"]){ + $mod["cn"][0]=$attributes["firstname"]." ".$attributes["surname"]; + $mod["displayname"][0]=$attributes["firstname"]." ".$attributes["surname"]; + $mod["name"][0]=$attributes["firstname"]." ".$attributes["surname"]; + } + */ + + if (count($mod)==0){ return (false); } + return ($mod); + } + + /** + * Convert 8bit characters e.g. accented characters to UTF8 encoded characters + */ + protected function encode8Bit(&$item, $key) { + $encode = false; + if (is_string($item)) { + for ($i=0; $i<strlen($item); $i++) { + if (ord($item[$i]) >> 7) { + $encode = true; + } + } + } + if ($encode === true && $key != 'password') { + $item = utf8_encode($item); + } + } + + /** + * Select a random domain controller from your domain controller array + * + * @return string + */ + protected function randomController() + { + mt_srand(doubleval(microtime()) * 100000000); // For older PHP versions + /*if (sizeof($this->domainControllers) > 1) { + $adController = $this->domainControllers[array_rand($this->domainControllers)]; + // Test if the controller is responding to pings + $ping = $this->pingController($adController); + if ($ping === false) { + // Find the current key in the domain controllers array + $key = array_search($adController, $this->domainControllers); + // Remove it so that we don't end up in a recursive loop + unset($this->domainControllers[$key]); + // Select a new controller + return $this->randomController(); + } + else { + return ($adController); + } + } */ + return $this->domainControllers[array_rand($this->domainControllers)]; + } + + /** + * Test basic connectivity to controller + * + * @return bool + */ + protected function pingController($host) { + $port = $this->adPort; + fsockopen($host, $port, $errno, $errstr, 10); + if ($errno > 0) { + return false; + } + return true; + } + +} + +/** +* adLDAP Exception Handler +* +* Exceptions of this type are thrown on bind failure or when SSL is required but not configured +* Example: +* try { +* $adldap = new adLDAP(); +* } +* catch (adLDAPException $e) { +* echo $e; +* exit(); +* } +*/ +class adLDAPException extends Exception {} + ?>
\ No newline at end of file diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php b/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php index 71b24a04f..aabd88fa5 100644 --- a/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php +++ b/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php @@ -1,153 +1,153 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage Computers
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-require_once(dirname(__FILE__) . '/../adLDAP.php');
-require_once(dirname(__FILE__) . '/../collections/adLDAPComputerCollection.php');
-
-/**
-* COMPUTER MANAGEMENT FUNCTIONS
-*/
-class adLDAPComputers {
-
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- public function __construct(adLDAP $adldap) {
- $this->adldap = $adldap;
- }
-
- /**
- * Get information about a specific computer. Returned in a raw array format from AD
- *
- * @param string $computerName The name of the computer
- * @param array $fields Attributes to return
- * @return array
- */
- public function info($computerName, $fields = NULL)
- {
- if ($computerName === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $filter = "(&(objectClass=computer)(cn=" . $computerName . "))";
- if ($fields === NULL) {
- $fields = array("memberof","cn","displayname","dnshostname","distinguishedname","objectcategory","operatingsystem","operatingsystemservicepack","operatingsystemversion");
- }
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- return $entries;
- }
-
- /**
- * Find information about the computers. Returned in a raw array format from AD
- *
- * @param string $computerName The name of the computer
- * @param array $fields Array of parameters to query
- * @return mixed
- */
- public function infoCollection($computerName, $fields = NULL)
- {
- if ($computerName === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $info = $this->info($computerName, $fields);
-
- if ($info !== false) {
- $collection = new adLDAPComputerCollection($info, $this->adldap);
- return $collection;
- }
- return false;
- }
-
- /**
- * Check if a computer is in a group
- *
- * @param string $computerName The name of the computer
- * @param string $group The group to check
- * @param bool $recursive Whether to check recursively
- * @return array
- */
- public function inGroup($computerName, $group, $recursive = NULL)
- {
- if ($computerName === NULL) { return false; }
- if ($group === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // use the default option if they haven't set it
-
- //get a list of the groups
- $groups = $this->groups($computerName, array("memberof"), $recursive);
-
- //return true if the specified group is in the group list
- if (in_array($group, $groups)){
- return true;
- }
-
- return false;
- }
-
- /**
- * Get the groups a computer is in
- *
- * @param string $computerName The name of the computer
- * @param bool $recursive Whether to check recursively
- * @return array
- */
- public function groups($computerName, $recursive = NULL)
- {
- if ($computerName === NULL) { return false; }
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
- if (!$this->adldap->getLdapBind()){ return false; }
-
- //search the directory for their information
- $info = @$this->info($computerName, array("memberof", "primarygroupid"));
- $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); //presuming the entry returned is our guy (unique usernames)
-
- if ($recursive === true) {
- foreach ($groups as $id => $groupName){
- $extraGroups = $this->adldap->group()->recursiveGroups($groupName);
- $groups = array_merge($groups, $extraGroups);
- }
- }
-
- return $groups;
- }
-
-}
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage Computers + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ +require_once(dirname(__FILE__) . '/../adLDAP.php'); +require_once(dirname(__FILE__) . '/../collections/adLDAPComputerCollection.php'); + +/** +* COMPUTER MANAGEMENT FUNCTIONS +*/ +class adLDAPComputers { + + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + public function __construct(adLDAP $adldap) { + $this->adldap = $adldap; + } + + /** + * Get information about a specific computer. Returned in a raw array format from AD + * + * @param string $computerName The name of the computer + * @param array $fields Attributes to return + * @return array + */ + public function info($computerName, $fields = NULL) + { + if ($computerName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $filter = "(&(objectClass=computer)(cn=" . $computerName . "))"; + if ($fields === NULL) { + $fields = array("memberof","cn","displayname","dnshostname","distinguishedname","objectcategory","operatingsystem","operatingsystemservicepack","operatingsystemversion"); + } + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + return $entries; + } + + /** + * Find information about the computers. Returned in a raw array format from AD + * + * @param string $computerName The name of the computer + * @param array $fields Array of parameters to query + * @return mixed + */ + public function infoCollection($computerName, $fields = NULL) + { + if ($computerName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $info = $this->info($computerName, $fields); + + if ($info !== false) { + $collection = new adLDAPComputerCollection($info, $this->adldap); + return $collection; + } + return false; + } + + /** + * Check if a computer is in a group + * + * @param string $computerName The name of the computer + * @param string $group The group to check + * @param bool $recursive Whether to check recursively + * @return array + */ + public function inGroup($computerName, $group, $recursive = NULL) + { + if ($computerName === NULL) { return false; } + if ($group === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // use the default option if they haven't set it + + //get a list of the groups + $groups = $this->groups($computerName, array("memberof"), $recursive); + + //return true if the specified group is in the group list + if (in_array($group, $groups)){ + return true; + } + + return false; + } + + /** + * Get the groups a computer is in + * + * @param string $computerName The name of the computer + * @param bool $recursive Whether to check recursively + * @return array + */ + public function groups($computerName, $recursive = NULL) + { + if ($computerName === NULL) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it + if (!$this->adldap->getLdapBind()){ return false; } + + //search the directory for their information + $info = @$this->info($computerName, array("memberof", "primarygroupid")); + $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); //presuming the entry returned is our guy (unique usernames) + + if ($recursive === true) { + foreach ($groups as $id => $groupName){ + $extraGroups = $this->adldap->group()->recursiveGroups($groupName); + $groups = array_merge($groups, $extraGroups); + } + } + + return $groups; + } + +} ?>
\ No newline at end of file diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPContacts.php b/lib/plugins/authad/adLDAP/classes/adLDAPContacts.php index addd3e5f0..42a0d756b 100644 --- a/lib/plugins/authad/adLDAP/classes/adLDAPContacts.php +++ b/lib/plugins/authad/adLDAP/classes/adLDAPContacts.php @@ -1,294 +1,294 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage Contacts
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-
-require_once(dirname(__FILE__) . '/../adLDAP.php');
-require_once(dirname(__FILE__) . '/../collections/adLDAPContactCollection.php');
-
-class adLDAPContacts {
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- public function __construct(adLDAP $adldap) {
- $this->adldap = $adldap;
- }
-
- //*****************************************************************************************************************
- // CONTACT FUNCTIONS
- // * Still work to do in this area, and new functions to write
-
- /**
- * Create a contact
- *
- * @param array $attributes The attributes to set to the contact
- * @return bool
- */
- public function create($attributes)
- {
- // Check for compulsory fields
- if (!array_key_exists("display_name", $attributes)) { return "Missing compulsory field [display_name]"; }
- if (!array_key_exists("email", $attributes)) { return "Missing compulsory field [email]"; }
- if (!array_key_exists("container", $attributes)) { return "Missing compulsory field [container]"; }
- if (!is_array($attributes["container"])) { return "Container attribute must be an array."; }
-
- // Translate the schema
- $add = $this->adldap->adldap_schema($attributes);
-
- // Additional stuff only used for adding contacts
- $add["cn"][0] = $attributes["display_name"];
- $add["objectclass"][0] = "top";
- $add["objectclass"][1] = "person";
- $add["objectclass"][2] = "organizationalPerson";
- $add["objectclass"][3] = "contact";
- if (!isset($attributes['exchange_hidefromlists'])) {
- $add["msExchHideFromAddressLists"][0] = "TRUE";
- }
-
- // Determine the container
- $attributes["container"] = array_reverse($attributes["container"]);
- $container= "OU=" . implode(",OU=", $attributes["container"]);
-
- // Add the entry
- $result = @ldap_add($this->adldap->getLdapConnection(), "CN=" . $this->adldap->utilities()->escapeCharacters($add["cn"][0]) . ", " . $container . "," . $this->adldap->getBaseDn(), $add);
- if ($result != true) {
- return false;
- }
-
- return true;
- }
-
- /**
- * Determine the list of groups a contact is a member of
- *
- * @param string $distinguisedname The full DN of a contact
- * @param bool $recursive Recursively check groups
- * @return array
- */
- public function groups($distinguishedName, $recursive = NULL)
- {
- if ($distinguishedName === NULL) { return false; }
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
- if (!$this->adldap->getLdapBind()){ return false; }
-
- // Search the directory for their information
- $info = @$this->info($distinguishedName, array("memberof", "primarygroupid"));
- $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); //presuming the entry returned is our contact
-
- if ($recursive === true){
- foreach ($groups as $id => $groupName){
- $extraGroups = $this->adldap->group()->recursiveGroups($groupName);
- $groups = array_merge($groups, $extraGroups);
- }
- }
-
- return $groups;
- }
-
- /**
- * Get contact information. Returned in a raw array format from AD
- *
- * @param string $distinguisedname The full DN of a contact
- * @param array $fields Attributes to be returned
- * @return array
- */
- public function info($distinguishedName, $fields = NULL)
- {
- if ($distinguishedName === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $filter = "distinguishedName=" . $distinguishedName;
- if ($fields === NULL) {
- $fields = array("distinguishedname", "mail", "memberof", "department", "displayname", "telephonenumber", "primarygroupid", "objectsid");
- }
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- if ($entries[0]['count'] >= 1) {
- // AD does not return the primary group in the ldap query, we may need to fudge it
- if ($this->adldap->getRealPrimaryGroup() && isset($entries[0]["primarygroupid"][0]) && isset($entries[0]["primarygroupid"][0])){
- //$entries[0]["memberof"][]=$this->group_cn($entries[0]["primarygroupid"][0]);
- $entries[0]["memberof"][] = $this->adldap->group()->getPrimaryGroup($entries[0]["primarygroupid"][0], $entries[0]["objectsid"][0]);
- } else {
- $entries[0]["memberof"][] = "CN=Domain Users,CN=Users," . $this->adldap->getBaseDn();
- }
- }
-
- $entries[0]["memberof"]["count"]++;
- return $entries;
- }
-
- /**
- * Find information about the contacts. Returned in a raw array format from AD
- *
- * @param string $distinguishedName The full DN of a contact
- * @param array $fields Array of parameters to query
- * @return mixed
- */
- public function infoCollection($distinguishedName, $fields = NULL)
- {
- if ($distinguishedName === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $info = $this->info($distinguishedName, $fields);
-
- if ($info !== false) {
- $collection = new adLDAPContactCollection($info, $this->adldap);
- return $collection;
- }
- return false;
- }
-
- /**
- * Determine if a contact is a member of a group
- *
- * @param string $distinguisedName The full DN of a contact
- * @param string $group The group name to query
- * @param bool $recursive Recursively check groups
- * @return bool
- */
- public function inGroup($distinguisedName, $group, $recursive = NULL)
- {
- if ($distinguisedName === NULL) { return false; }
- if ($group === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
-
- // Get a list of the groups
- $groups = $this->groups($distinguisedName, array("memberof"), $recursive);
-
- // Return true if the specified group is in the group list
- if (in_array($group, $groups)){
- return true;
- }
-
- return false;
- }
-
- /**
- * Modify a contact
- *
- * @param string $distinguishedName The contact to query
- * @param array $attributes The attributes to modify. Note if you set the enabled attribute you must not specify any other attributes
- * @return bool
- */
- public function modify($distinguishedName, $attributes) {
- if ($distinguishedName === NULL) { return "Missing compulsory field [distinguishedname]"; }
-
- // Translate the update to the LDAP schema
- $mod = $this->adldap->adldap_schema($attributes);
-
- // Check to see if this is an enabled status update
- if (!$mod) {
- return false;
- }
-
- // Do the update
- $result = ldap_modify($this->adldap->getLdapConnection(), $distinguishedName, $mod);
- if ($result == false) {
- return false;
- }
-
- return true;
- }
-
- /**
- * Delete a contact
- *
- * @param string $distinguishedName The contact dn to delete (please be careful here!)
- * @return array
- */
- public function delete($distinguishedName)
- {
- $result = $this->folder()->delete($distinguishedName);
- if ($result != true) {
- return false;
- }
- return true;
- }
-
- /**
- * Return a list of all contacts
- *
- * @param bool $includeDescription Include a description of a contact
- * @param string $search The search parameters
- * @param bool $sorted Whether to sort the results
- * @return array
- */
- public function all($includeDescription = false, $search = "*", $sorted = true) {
- if (!$this->adldap->getLdapBind()) { return false; }
-
- // Perform the search and grab all their details
- $filter = "(&(objectClass=contact)(cn=" . $search . "))";
- $fields = array("displayname","distinguishedname");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- $usersArray = array();
- for ($i=0; $i<$entries["count"]; $i++){
- if ($includeDescription && strlen($entries[$i]["displayname"][0])>0){
- $usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["displayname"][0];
- } elseif ($includeDescription){
- $usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["distinguishedname"][0];
- } else {
- array_push($usersArray, $entries[$i]["distinguishedname"][0]);
- }
- }
- if ($sorted) {
- asort($usersArray);
- }
- return $usersArray;
- }
-
- /**
- * Mail enable a contact
- * Allows email to be sent to them through Exchange
- *
- * @param string $distinguishedname The contact to mail enable
- * @param string $emailaddress The email address to allow emails to be sent through
- * @param string $mailnickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name
- * @return bool
- */
- public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL){
- return $this->adldap->exchange()->contactMailEnable($distinguishedName, $emailAddress, $mailNickname);
- }
-
-
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage Contacts + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ + +require_once(dirname(__FILE__) . '/../adLDAP.php'); +require_once(dirname(__FILE__) . '/../collections/adLDAPContactCollection.php'); + +class adLDAPContacts { + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + public function __construct(adLDAP $adldap) { + $this->adldap = $adldap; + } + + //***************************************************************************************************************** + // CONTACT FUNCTIONS + // * Still work to do in this area, and new functions to write + + /** + * Create a contact + * + * @param array $attributes The attributes to set to the contact + * @return bool + */ + public function create($attributes) + { + // Check for compulsory fields + if (!array_key_exists("display_name", $attributes)) { return "Missing compulsory field [display_name]"; } + if (!array_key_exists("email", $attributes)) { return "Missing compulsory field [email]"; } + if (!array_key_exists("container", $attributes)) { return "Missing compulsory field [container]"; } + if (!is_array($attributes["container"])) { return "Container attribute must be an array."; } + + // Translate the schema + $add = $this->adldap->adldap_schema($attributes); + + // Additional stuff only used for adding contacts + $add["cn"][0] = $attributes["display_name"]; + $add["objectclass"][0] = "top"; + $add["objectclass"][1] = "person"; + $add["objectclass"][2] = "organizationalPerson"; + $add["objectclass"][3] = "contact"; + if (!isset($attributes['exchange_hidefromlists'])) { + $add["msExchHideFromAddressLists"][0] = "TRUE"; + } + + // Determine the container + $attributes["container"] = array_reverse($attributes["container"]); + $container= "OU=" . implode(",OU=", $attributes["container"]); + + // Add the entry + $result = @ldap_add($this->adldap->getLdapConnection(), "CN=" . $this->adldap->utilities()->escapeCharacters($add["cn"][0]) . ", " . $container . "," . $this->adldap->getBaseDn(), $add); + if ($result != true) { + return false; + } + + return true; + } + + /** + * Determine the list of groups a contact is a member of + * + * @param string $distinguisedname The full DN of a contact + * @param bool $recursive Recursively check groups + * @return array + */ + public function groups($distinguishedName, $recursive = NULL) + { + if ($distinguishedName === NULL) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it + if (!$this->adldap->getLdapBind()){ return false; } + + // Search the directory for their information + $info = @$this->info($distinguishedName, array("memberof", "primarygroupid")); + $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); //presuming the entry returned is our contact + + if ($recursive === true){ + foreach ($groups as $id => $groupName){ + $extraGroups = $this->adldap->group()->recursiveGroups($groupName); + $groups = array_merge($groups, $extraGroups); + } + } + + return $groups; + } + + /** + * Get contact information. Returned in a raw array format from AD + * + * @param string $distinguisedname The full DN of a contact + * @param array $fields Attributes to be returned + * @return array + */ + public function info($distinguishedName, $fields = NULL) + { + if ($distinguishedName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $filter = "distinguishedName=" . $distinguishedName; + if ($fields === NULL) { + $fields = array("distinguishedname", "mail", "memberof", "department", "displayname", "telephonenumber", "primarygroupid", "objectsid"); + } + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + if ($entries[0]['count'] >= 1) { + // AD does not return the primary group in the ldap query, we may need to fudge it + if ($this->adldap->getRealPrimaryGroup() && isset($entries[0]["primarygroupid"][0]) && isset($entries[0]["primarygroupid"][0])){ + //$entries[0]["memberof"][]=$this->group_cn($entries[0]["primarygroupid"][0]); + $entries[0]["memberof"][] = $this->adldap->group()->getPrimaryGroup($entries[0]["primarygroupid"][0], $entries[0]["objectsid"][0]); + } else { + $entries[0]["memberof"][] = "CN=Domain Users,CN=Users," . $this->adldap->getBaseDn(); + } + } + + $entries[0]["memberof"]["count"]++; + return $entries; + } + + /** + * Find information about the contacts. Returned in a raw array format from AD + * + * @param string $distinguishedName The full DN of a contact + * @param array $fields Array of parameters to query + * @return mixed + */ + public function infoCollection($distinguishedName, $fields = NULL) + { + if ($distinguishedName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $info = $this->info($distinguishedName, $fields); + + if ($info !== false) { + $collection = new adLDAPContactCollection($info, $this->adldap); + return $collection; + } + return false; + } + + /** + * Determine if a contact is a member of a group + * + * @param string $distinguisedName The full DN of a contact + * @param string $group The group name to query + * @param bool $recursive Recursively check groups + * @return bool + */ + public function inGroup($distinguisedName, $group, $recursive = NULL) + { + if ($distinguisedName === NULL) { return false; } + if ($group === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it + + // Get a list of the groups + $groups = $this->groups($distinguisedName, array("memberof"), $recursive); + + // Return true if the specified group is in the group list + if (in_array($group, $groups)){ + return true; + } + + return false; + } + + /** + * Modify a contact + * + * @param string $distinguishedName The contact to query + * @param array $attributes The attributes to modify. Note if you set the enabled attribute you must not specify any other attributes + * @return bool + */ + public function modify($distinguishedName, $attributes) { + if ($distinguishedName === NULL) { return "Missing compulsory field [distinguishedname]"; } + + // Translate the update to the LDAP schema + $mod = $this->adldap->adldap_schema($attributes); + + // Check to see if this is an enabled status update + if (!$mod) { + return false; + } + + // Do the update + $result = ldap_modify($this->adldap->getLdapConnection(), $distinguishedName, $mod); + if ($result == false) { + return false; + } + + return true; + } + + /** + * Delete a contact + * + * @param string $distinguishedName The contact dn to delete (please be careful here!) + * @return array + */ + public function delete($distinguishedName) + { + $result = $this->folder()->delete($distinguishedName); + if ($result != true) { + return false; + } + return true; + } + + /** + * Return a list of all contacts + * + * @param bool $includeDescription Include a description of a contact + * @param string $search The search parameters + * @param bool $sorted Whether to sort the results + * @return array + */ + public function all($includeDescription = false, $search = "*", $sorted = true) { + if (!$this->adldap->getLdapBind()) { return false; } + + // Perform the search and grab all their details + $filter = "(&(objectClass=contact)(cn=" . $search . "))"; + $fields = array("displayname","distinguishedname"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + $usersArray = array(); + for ($i=0; $i<$entries["count"]; $i++){ + if ($includeDescription && strlen($entries[$i]["displayname"][0])>0){ + $usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["displayname"][0]; + } elseif ($includeDescription){ + $usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["distinguishedname"][0]; + } else { + array_push($usersArray, $entries[$i]["distinguishedname"][0]); + } + } + if ($sorted) { + asort($usersArray); + } + return $usersArray; + } + + /** + * Mail enable a contact + * Allows email to be sent to them through Exchange + * + * @param string $distinguishedname The contact to mail enable + * @param string $emailaddress The email address to allow emails to be sent through + * @param string $mailnickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name + * @return bool + */ + public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL){ + return $this->adldap->exchange()->contactMailEnable($distinguishedName, $emailAddress, $mailNickname); + } + + +} +?> diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPExchange.php b/lib/plugins/authad/adLDAP/classes/adLDAPExchange.php index dd0c6de05..d70aac779 100644 --- a/lib/plugins/authad/adLDAP/classes/adLDAPExchange.php +++ b/lib/plugins/authad/adLDAP/classes/adLDAPExchange.php @@ -1,390 +1,390 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage Exchange
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-require_once(dirname(__FILE__) . '/../adLDAP.php');
-
-/**
-* MICROSOFT EXCHANGE FUNCTIONS
-*/
-class adLDAPExchange {
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- public function __construct(adLDAP $adldap) {
- $this->adldap = $adldap;
- }
-
- /**
- * Create an Exchange account
- *
- * @param string $username The username of the user to add the Exchange account to
- * @param array $storageGroup The mailbox, Exchange Storage Group, for the user account, this must be a full CN
- * If the storage group has a different base_dn to the adLDAP configuration, set it using $base_dn
- * @param string $emailAddress The primary email address to add to this user
- * @param string $mailNickname The mail nick name. If mail nickname is blank, the username will be used
- * @param bool $mdbUseDefaults Indicates whether the store should use the default quota, rather than the per-mailbox quota.
- * @param string $baseDn Specify an alternative base_dn for the Exchange storage group
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function createMailbox($username, $storageGroup, $emailAddress, $mailNickname=NULL, $useDefaults=TRUE, $baseDn=NULL, $isGUID=false)
- {
- if ($username === NULL){ return "Missing compulsory field [username]"; }
- if ($storageGroup === NULL) { return "Missing compulsory array [storagegroup]"; }
- if (!is_array($storageGroup)) { return "[storagegroup] must be an array"; }
- if ($emailAddress === NULL) { return "Missing compulsory field [emailAddress]"; }
-
- if ($baseDn === NULL) {
- $baseDn = $this->adldap->getBaseDn();
- }
-
- $container = "CN=" . implode(",CN=", $storageGroup);
-
- if ($mailNickname === NULL) {
- $mailNickname = $username;
- }
- $mdbUseDefaults = $this->adldap->utilities()->boolToString($useDefaults);
-
- $attributes = array(
- 'exchange_homemdb'=>$container.",".$baseDn,
- 'exchange_proxyaddress'=>'SMTP:' . $emailAddress,
- 'exchange_mailnickname'=>$mailNickname,
- 'exchange_usedefaults'=>$mdbUseDefaults
- );
- $result = $this->adldap->user()->modify($username, $attributes, $isGUID);
- if ($result == false) {
- return false;
- }
- return true;
- }
-
- /**
- * Add an X400 address to Exchange
- * See http://tools.ietf.org/html/rfc1685 for more information.
- * An X400 Address looks similar to this X400:c=US;a= ;p=Domain;o=Organization;s=Doe;g=John;
- *
- * @param string $username The username of the user to add the X400 to to
- * @param string $country Country
- * @param string $admd Administration Management Domain
- * @param string $pdmd Private Management Domain (often your AD domain)
- * @param string $org Organization
- * @param string $surname Surname
- * @param string $givenName Given name
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function addX400($username, $country, $admd, $pdmd, $org, $surname, $givenName, $isGUID=false)
- {
- if ($username === NULL){ return "Missing compulsory field [username]"; }
-
- $proxyValue = 'X400:';
-
- // Find the dn of the user
- $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
- if ($user[0]["dn"] === NULL) { return false; }
- $userDn = $user[0]["dn"];
-
- // We do not have to demote an email address from the default so we can just add the new proxy address
- $attributes['exchange_proxyaddress'] = $proxyValue . 'c=' . $country . ';a=' . $admd . ';p=' . $pdmd . ';o=' . $org . ';s=' . $surname . ';g=' . $givenName . ';';
-
- // Translate the update to the LDAP schema
- $add = $this->adldap->adldap_schema($attributes);
-
- if (!$add) { return false; }
-
- // Do the update
- // Take out the @ to see any errors, usually this error might occur because the address already
- // exists in the list of proxyAddresses
- $result = @ldap_mod_add($this->adldap->getLdapConnection(), $userDn, $add);
- if ($result == false) {
- return false;
- }
-
- return true;
- }
-
- /**
- * Add an address to Exchange
- *
- * @param string $username The username of the user to add the Exchange account to
- * @param string $emailAddress The email address to add to this user
- * @param bool $default Make this email address the default address, this is a bit more intensive as we have to demote any existing default addresses
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function addAddress($username, $emailAddress, $default = FALSE, $isGUID = false)
- {
- if ($username === NULL) { return "Missing compulsory field [username]"; }
- if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; }
-
- $proxyValue = 'smtp:';
- if ($default === true) {
- $proxyValue = 'SMTP:';
- }
-
- // Find the dn of the user
- $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
- if ($user[0]["dn"] === NULL){ return false; }
- $userDn = $user[0]["dn"];
-
- // We need to scan existing proxy addresses and demote the default one
- if (is_array($user[0]["proxyaddresses"]) && $default === true) {
- $modAddresses = array();
- for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) {
- if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false) {
- $user[0]['proxyaddresses'][$i] = str_replace('SMTP:', 'smtp:', $user[0]['proxyaddresses'][$i]);
- }
- if ($user[0]['proxyaddresses'][$i] != '') {
- $modAddresses['proxyAddresses'][$i] = $user[0]['proxyaddresses'][$i];
- }
- }
- $modAddresses['proxyAddresses'][(sizeof($user[0]['proxyaddresses'])-1)] = 'SMTP:' . $emailAddress;
-
- $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $modAddresses);
- if ($result == false) {
- return false;
- }
-
- return true;
- }
- else {
- // We do not have to demote an email address from the default so we can just add the new proxy address
- $attributes['exchange_proxyaddress'] = $proxyValue . $emailAddress;
-
- // Translate the update to the LDAP schema
- $add = $this->adldap->adldap_schema($attributes);
-
- if (!$add) {
- return false;
- }
-
- // Do the update
- // Take out the @ to see any errors, usually this error might occur because the address already
- // exists in the list of proxyAddresses
- $result = @ldap_mod_add($this->adldap->getLdapConnection(), $userDn,$add);
- if ($result == false) {
- return false;
- }
-
- return true;
- }
- }
-
- /**
- * Remove an address to Exchange
- * If you remove a default address the account will no longer have a default,
- * we recommend changing the default address first
- *
- * @param string $username The username of the user to add the Exchange account to
- * @param string $emailAddress The email address to add to this user
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function deleteAddress($username, $emailAddress, $isGUID=false)
- {
- if ($username === NULL) { return "Missing compulsory field [username]"; }
- if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; }
-
- // Find the dn of the user
- $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
- if ($user[0]["dn"] === NULL) { return false; }
- $userDn = $user[0]["dn"];
-
- if (is_array($user[0]["proxyaddresses"])) {
- $mod = array();
- for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) {
- if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false && $user[0]['proxyaddresses'][$i] == 'SMTP:' . $emailAddress) {
- $mod['proxyAddresses'][0] = 'SMTP:' . $emailAddress;
- }
- elseif (strstr($user[0]['proxyaddresses'][$i], 'smtp:') !== false && $user[0]['proxyaddresses'][$i] == 'smtp:' . $emailAddress) {
- $mod['proxyAddresses'][0] = 'smtp:' . $emailAddress;
- }
- }
-
- $result = @ldap_mod_del($this->adldap->getLdapConnection(), $userDn,$mod);
- if ($result == false) {
- return false;
- }
-
- return true;
- }
- else {
- return false;
- }
- }
- /**
- * Change the default address
- *
- * @param string $username The username of the user to add the Exchange account to
- * @param string $emailAddress The email address to make default
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function primaryAddress($username, $emailAddress, $isGUID = false)
- {
- if ($username === NULL) { return "Missing compulsory field [username]"; }
- if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; }
-
- // Find the dn of the user
- $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
- if ($user[0]["dn"] === NULL){ return false; }
- $userDn = $user[0]["dn"];
-
- if (is_array($user[0]["proxyaddresses"])) {
- $modAddresses = array();
- for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) {
- if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false) {
- $user[0]['proxyaddresses'][$i] = str_replace('SMTP:', 'smtp:', $user[0]['proxyaddresses'][$i]);
- }
- if ($user[0]['proxyaddresses'][$i] == 'smtp:' . $emailAddress) {
- $user[0]['proxyaddresses'][$i] = str_replace('smtp:', 'SMTP:', $user[0]['proxyaddresses'][$i]);
- }
- if ($user[0]['proxyaddresses'][$i] != '') {
- $modAddresses['proxyAddresses'][$i] = $user[0]['proxyaddresses'][$i];
- }
- }
-
- $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $modAddresses);
- if ($result == false) {
- return false;
- }
-
- return true;
- }
-
- }
-
- /**
- * Mail enable a contact
- * Allows email to be sent to them through Exchange
- *
- * @param string $distinguishedName The contact to mail enable
- * @param string $emailAddress The email address to allow emails to be sent through
- * @param string $mailNickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name
- * @return bool
- */
- public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL)
- {
- if ($distinguishedName === NULL) { return "Missing compulsory field [distinguishedName]"; }
- if ($emailAddress === NULL) { return "Missing compulsory field [emailAddress]"; }
-
- if ($mailNickname !== NULL) {
- // Find the dn of the user
- $user = $this->adldap->contact()->info($distinguishedName, array("cn","displayname"));
- if ($user[0]["displayname"] === NULL) { return false; }
- $mailNickname = $user[0]['displayname'][0];
- }
-
- $attributes = array("email"=>$emailAddress,"contact_email"=>"SMTP:" . $emailAddress,"exchange_proxyaddress"=>"SMTP:" . $emailAddress,"exchange_mailnickname" => $mailNickname);
-
- // Translate the update to the LDAP schema
- $mod = $this->adldap->adldap_schema($attributes);
-
- // Check to see if this is an enabled status update
- if (!$mod) { return false; }
-
- // Do the update
- $result = ldap_modify($this->adldap->getLdapConnection(), $distinguishedName, $mod);
- if ($result == false) { return false; }
-
- return true;
- }
-
- /**
- * Returns a list of Exchange Servers in the ConfigurationNamingContext of the domain
- *
- * @param array $attributes An array of the AD attributes you wish to return
- * @return array
- */
- public function servers($attributes = array('cn','distinguishedname','serialnumber'))
- {
- if (!$this->adldap->getLdapBind()){ return false; }
-
- $configurationNamingContext = $this->adldap->getRootDse(array('configurationnamingcontext'));
- $sr = @ldap_search($this->adldap->getLdapConnection(), $configurationNamingContext[0]['configurationnamingcontext'][0],'(&(objectCategory=msExchExchangeServer))', $attributes);
- $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
- return $entries;
- }
-
- /**
- * Returns a list of Storage Groups in Exchange for a given mail server
- *
- * @param string $exchangeServer The full DN of an Exchange server. You can use exchange_servers() to find the DN for your server
- * @param array $attributes An array of the AD attributes you wish to return
- * @param bool $recursive If enabled this will automatically query the databases within a storage group
- * @return array
- */
- public function storageGroups($exchangeServer, $attributes = array('cn','distinguishedname'), $recursive = NULL)
- {
- if (!$this->adldap->getLdapBind()){ return false; }
- if ($exchangeServer === NULL) { return "Missing compulsory field [exchangeServer]"; }
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); }
-
- $filter = '(&(objectCategory=msExchStorageGroup))';
- $sr = @ldap_search($this->adldap->getLdapConnection(), $exchangeServer, $filter, $attributes);
- $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- if ($recursive === true) {
- for ($i=0; $i<$entries['count']; $i++) {
- $entries[$i]['msexchprivatemdb'] = $this->storageDatabases($entries[$i]['distinguishedname'][0]);
- }
- }
-
- return $entries;
- }
-
- /**
- * Returns a list of Databases within any given storage group in Exchange for a given mail server
- *
- * @param string $storageGroup The full DN of an Storage Group. You can use exchange_storage_groups() to find the DN
- * @param array $attributes An array of the AD attributes you wish to return
- * @return array
- */
- public function storageDatabases($storageGroup, $attributes = array('cn','distinguishedname','displayname')) {
- if (!$this->adldap->getLdapBind()){ return false; }
- if ($storageGroup === NULL) { return "Missing compulsory field [storageGroup]"; }
-
- $filter = '(&(objectCategory=msExchPrivateMDB))';
- $sr = @ldap_search($this->adldap->getLdapConnection(), $storageGroup, $filter, $attributes);
- $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
- return $entries;
- }
-}
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage Exchange + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ +require_once(dirname(__FILE__) . '/../adLDAP.php'); + +/** +* MICROSOFT EXCHANGE FUNCTIONS +*/ +class adLDAPExchange { + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + public function __construct(adLDAP $adldap) { + $this->adldap = $adldap; + } + + /** + * Create an Exchange account + * + * @param string $username The username of the user to add the Exchange account to + * @param array $storageGroup The mailbox, Exchange Storage Group, for the user account, this must be a full CN + * If the storage group has a different base_dn to the adLDAP configuration, set it using $base_dn + * @param string $emailAddress The primary email address to add to this user + * @param string $mailNickname The mail nick name. If mail nickname is blank, the username will be used + * @param bool $mdbUseDefaults Indicates whether the store should use the default quota, rather than the per-mailbox quota. + * @param string $baseDn Specify an alternative base_dn for the Exchange storage group + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function createMailbox($username, $storageGroup, $emailAddress, $mailNickname=NULL, $useDefaults=TRUE, $baseDn=NULL, $isGUID=false) + { + if ($username === NULL){ return "Missing compulsory field [username]"; } + if ($storageGroup === NULL) { return "Missing compulsory array [storagegroup]"; } + if (!is_array($storageGroup)) { return "[storagegroup] must be an array"; } + if ($emailAddress === NULL) { return "Missing compulsory field [emailAddress]"; } + + if ($baseDn === NULL) { + $baseDn = $this->adldap->getBaseDn(); + } + + $container = "CN=" . implode(",CN=", $storageGroup); + + if ($mailNickname === NULL) { + $mailNickname = $username; + } + $mdbUseDefaults = $this->adldap->utilities()->boolToString($useDefaults); + + $attributes = array( + 'exchange_homemdb'=>$container.",".$baseDn, + 'exchange_proxyaddress'=>'SMTP:' . $emailAddress, + 'exchange_mailnickname'=>$mailNickname, + 'exchange_usedefaults'=>$mdbUseDefaults + ); + $result = $this->adldap->user()->modify($username, $attributes, $isGUID); + if ($result == false) { + return false; + } + return true; + } + + /** + * Add an X400 address to Exchange + * See http://tools.ietf.org/html/rfc1685 for more information. + * An X400 Address looks similar to this X400:c=US;a= ;p=Domain;o=Organization;s=Doe;g=John; + * + * @param string $username The username of the user to add the X400 to to + * @param string $country Country + * @param string $admd Administration Management Domain + * @param string $pdmd Private Management Domain (often your AD domain) + * @param string $org Organization + * @param string $surname Surname + * @param string $givenName Given name + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function addX400($username, $country, $admd, $pdmd, $org, $surname, $givenName, $isGUID=false) + { + if ($username === NULL){ return "Missing compulsory field [username]"; } + + $proxyValue = 'X400:'; + + // Find the dn of the user + $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID); + if ($user[0]["dn"] === NULL) { return false; } + $userDn = $user[0]["dn"]; + + // We do not have to demote an email address from the default so we can just add the new proxy address + $attributes['exchange_proxyaddress'] = $proxyValue . 'c=' . $country . ';a=' . $admd . ';p=' . $pdmd . ';o=' . $org . ';s=' . $surname . ';g=' . $givenName . ';'; + + // Translate the update to the LDAP schema + $add = $this->adldap->adldap_schema($attributes); + + if (!$add) { return false; } + + // Do the update + // Take out the @ to see any errors, usually this error might occur because the address already + // exists in the list of proxyAddresses + $result = @ldap_mod_add($this->adldap->getLdapConnection(), $userDn, $add); + if ($result == false) { + return false; + } + + return true; + } + + /** + * Add an address to Exchange + * + * @param string $username The username of the user to add the Exchange account to + * @param string $emailAddress The email address to add to this user + * @param bool $default Make this email address the default address, this is a bit more intensive as we have to demote any existing default addresses + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function addAddress($username, $emailAddress, $default = FALSE, $isGUID = false) + { + if ($username === NULL) { return "Missing compulsory field [username]"; } + if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; } + + $proxyValue = 'smtp:'; + if ($default === true) { + $proxyValue = 'SMTP:'; + } + + // Find the dn of the user + $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID); + if ($user[0]["dn"] === NULL){ return false; } + $userDn = $user[0]["dn"]; + + // We need to scan existing proxy addresses and demote the default one + if (is_array($user[0]["proxyaddresses"]) && $default === true) { + $modAddresses = array(); + for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) { + if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false) { + $user[0]['proxyaddresses'][$i] = str_replace('SMTP:', 'smtp:', $user[0]['proxyaddresses'][$i]); + } + if ($user[0]['proxyaddresses'][$i] != '') { + $modAddresses['proxyAddresses'][$i] = $user[0]['proxyaddresses'][$i]; + } + } + $modAddresses['proxyAddresses'][(sizeof($user[0]['proxyaddresses'])-1)] = 'SMTP:' . $emailAddress; + + $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $modAddresses); + if ($result == false) { + return false; + } + + return true; + } + else { + // We do not have to demote an email address from the default so we can just add the new proxy address + $attributes['exchange_proxyaddress'] = $proxyValue . $emailAddress; + + // Translate the update to the LDAP schema + $add = $this->adldap->adldap_schema($attributes); + + if (!$add) { + return false; + } + + // Do the update + // Take out the @ to see any errors, usually this error might occur because the address already + // exists in the list of proxyAddresses + $result = @ldap_mod_add($this->adldap->getLdapConnection(), $userDn,$add); + if ($result == false) { + return false; + } + + return true; + } + } + + /** + * Remove an address to Exchange + * If you remove a default address the account will no longer have a default, + * we recommend changing the default address first + * + * @param string $username The username of the user to add the Exchange account to + * @param string $emailAddress The email address to add to this user + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function deleteAddress($username, $emailAddress, $isGUID=false) + { + if ($username === NULL) { return "Missing compulsory field [username]"; } + if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; } + + // Find the dn of the user + $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID); + if ($user[0]["dn"] === NULL) { return false; } + $userDn = $user[0]["dn"]; + + if (is_array($user[0]["proxyaddresses"])) { + $mod = array(); + for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) { + if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false && $user[0]['proxyaddresses'][$i] == 'SMTP:' . $emailAddress) { + $mod['proxyAddresses'][0] = 'SMTP:' . $emailAddress; + } + elseif (strstr($user[0]['proxyaddresses'][$i], 'smtp:') !== false && $user[0]['proxyaddresses'][$i] == 'smtp:' . $emailAddress) { + $mod['proxyAddresses'][0] = 'smtp:' . $emailAddress; + } + } + + $result = @ldap_mod_del($this->adldap->getLdapConnection(), $userDn,$mod); + if ($result == false) { + return false; + } + + return true; + } + else { + return false; + } + } + /** + * Change the default address + * + * @param string $username The username of the user to add the Exchange account to + * @param string $emailAddress The email address to make default + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function primaryAddress($username, $emailAddress, $isGUID = false) + { + if ($username === NULL) { return "Missing compulsory field [username]"; } + if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; } + + // Find the dn of the user + $user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID); + if ($user[0]["dn"] === NULL){ return false; } + $userDn = $user[0]["dn"]; + + if (is_array($user[0]["proxyaddresses"])) { + $modAddresses = array(); + for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) { + if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false) { + $user[0]['proxyaddresses'][$i] = str_replace('SMTP:', 'smtp:', $user[0]['proxyaddresses'][$i]); + } + if ($user[0]['proxyaddresses'][$i] == 'smtp:' . $emailAddress) { + $user[0]['proxyaddresses'][$i] = str_replace('smtp:', 'SMTP:', $user[0]['proxyaddresses'][$i]); + } + if ($user[0]['proxyaddresses'][$i] != '') { + $modAddresses['proxyAddresses'][$i] = $user[0]['proxyaddresses'][$i]; + } + } + + $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $modAddresses); + if ($result == false) { + return false; + } + + return true; + } + + } + + /** + * Mail enable a contact + * Allows email to be sent to them through Exchange + * + * @param string $distinguishedName The contact to mail enable + * @param string $emailAddress The email address to allow emails to be sent through + * @param string $mailNickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name + * @return bool + */ + public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL) + { + if ($distinguishedName === NULL) { return "Missing compulsory field [distinguishedName]"; } + if ($emailAddress === NULL) { return "Missing compulsory field [emailAddress]"; } + + if ($mailNickname !== NULL) { + // Find the dn of the user + $user = $this->adldap->contact()->info($distinguishedName, array("cn","displayname")); + if ($user[0]["displayname"] === NULL) { return false; } + $mailNickname = $user[0]['displayname'][0]; + } + + $attributes = array("email"=>$emailAddress,"contact_email"=>"SMTP:" . $emailAddress,"exchange_proxyaddress"=>"SMTP:" . $emailAddress,"exchange_mailnickname" => $mailNickname); + + // Translate the update to the LDAP schema + $mod = $this->adldap->adldap_schema($attributes); + + // Check to see if this is an enabled status update + if (!$mod) { return false; } + + // Do the update + $result = ldap_modify($this->adldap->getLdapConnection(), $distinguishedName, $mod); + if ($result == false) { return false; } + + return true; + } + + /** + * Returns a list of Exchange Servers in the ConfigurationNamingContext of the domain + * + * @param array $attributes An array of the AD attributes you wish to return + * @return array + */ + public function servers($attributes = array('cn','distinguishedname','serialnumber')) + { + if (!$this->adldap->getLdapBind()){ return false; } + + $configurationNamingContext = $this->adldap->getRootDse(array('configurationnamingcontext')); + $sr = @ldap_search($this->adldap->getLdapConnection(), $configurationNamingContext[0]['configurationnamingcontext'][0],'(&(objectCategory=msExchExchangeServer))', $attributes); + $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr); + return $entries; + } + + /** + * Returns a list of Storage Groups in Exchange for a given mail server + * + * @param string $exchangeServer The full DN of an Exchange server. You can use exchange_servers() to find the DN for your server + * @param array $attributes An array of the AD attributes you wish to return + * @param bool $recursive If enabled this will automatically query the databases within a storage group + * @return array + */ + public function storageGroups($exchangeServer, $attributes = array('cn','distinguishedname'), $recursive = NULL) + { + if (!$this->adldap->getLdapBind()){ return false; } + if ($exchangeServer === NULL) { return "Missing compulsory field [exchangeServer]"; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } + + $filter = '(&(objectCategory=msExchStorageGroup))'; + $sr = @ldap_search($this->adldap->getLdapConnection(), $exchangeServer, $filter, $attributes); + $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + if ($recursive === true) { + for ($i=0; $i<$entries['count']; $i++) { + $entries[$i]['msexchprivatemdb'] = $this->storageDatabases($entries[$i]['distinguishedname'][0]); + } + } + + return $entries; + } + + /** + * Returns a list of Databases within any given storage group in Exchange for a given mail server + * + * @param string $storageGroup The full DN of an Storage Group. You can use exchange_storage_groups() to find the DN + * @param array $attributes An array of the AD attributes you wish to return + * @return array + */ + public function storageDatabases($storageGroup, $attributes = array('cn','distinguishedname','displayname')) { + if (!$this->adldap->getLdapBind()){ return false; } + if ($storageGroup === NULL) { return "Missing compulsory field [storageGroup]"; } + + $filter = '(&(objectCategory=msExchPrivateMDB))'; + $sr = @ldap_search($this->adldap->getLdapConnection(), $storageGroup, $filter, $attributes); + $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr); + return $entries; + } +} ?>
\ No newline at end of file diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPFolders.php b/lib/plugins/authad/adLDAP/classes/adLDAPFolders.php index 55120152d..67b1474db 100644 --- a/lib/plugins/authad/adLDAP/classes/adLDAPFolders.php +++ b/lib/plugins/authad/adLDAP/classes/adLDAPFolders.php @@ -1,179 +1,179 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage Folders
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-require_once(dirname(__FILE__) . '/../adLDAP.php');
-
-/**
-* FOLDER / OU MANAGEMENT FUNCTIONS
-*/
-class adLDAPFolders {
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- public function __construct(adLDAP $adldap) {
- $this->adldap = $adldap;
- }
-
- /**
- * Delete a distinguished name from Active Directory
- * You should never need to call this yourself, just use the wrapper functions user_delete and contact_delete
- *
- * @param string $dn The distinguished name to delete
- * @return bool
- */
- public function delete($dn){
- $result = ldap_delete($this->adldap->getLdapConnection(), $dn);
- if ($result != true) {
- return false;
- }
- return true;
- }
-
- /**
- * Returns a folder listing for a specific OU
- * See http://adldap.sourceforge.net/wiki/doku.php?id=api_folder_functions
- *
- * @param array $folderName An array to the OU you wish to list.
- * If set to NULL will list the root, strongly recommended to set
- * $recursive to false in that instance!
- * @param string $dnType The type of record to list. This can be ADLDAP_FOLDER or ADLDAP_CONTAINER.
- * @param bool $recursive Recursively search sub folders
- * @param bool $type Specify a type of object to search for
- * @return array
- */
- public function listing($folderName = NULL, $dnType = adLDAP::ADLDAP_FOLDER, $recursive = NULL, $type = NULL)
- {
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $filter = '(&';
- if ($type !== NULL) {
- switch ($type) {
- case 'contact':
- $filter .= '(objectClass=contact)';
- break;
- case 'computer':
- $filter .= '(objectClass=computer)';
- break;
- case 'group':
- $filter .= '(objectClass=group)';
- break;
- case 'folder':
- $filter .= '(objectClass=organizationalUnit)';
- break;
- case 'container':
- $filter .= '(objectClass=container)';
- break;
- case 'domain':
- $filter .= '(objectClass=builtinDomain)';
- break;
- default:
- $filter .= '(objectClass=user)';
- break;
- }
- }
- else {
- $filter .= '(objectClass=*)';
- }
- // If the folder name is null then we will search the root level of AD
- // This requires us to not have an OU= part, just the base_dn
- $searchOu = $this->adldap->getBaseDn();
- if (is_array($folderName)) {
- $ou = $dnType . "=" . implode("," . $dnType . "=", $folderName);
- $filter .= '(!(distinguishedname=' . $ou . ',' . $this->adldap->getBaseDn() . ')))';
- $searchOu = $ou . ',' . $this->adldap->getBaseDn();
- }
- else {
- $filter .= '(!(distinguishedname=' . $this->adldap->getBaseDn() . ')))';
- }
-
- if ($recursive === true) {
- $sr = ldap_search($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname'));
- $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
- if (is_array($entries)) {
- return $entries;
- }
- }
- else {
- $sr = ldap_list($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname'));
- $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
- if (is_array($entries)) {
- return $entries;
- }
- }
-
- return false;
- }
-
- /**
- * Create an organizational unit
- *
- * @param array $attributes Default attributes of the ou
- * @return bool
- */
- public function create($attributes)
- {
- if (!is_array($attributes)){ return "Attributes must be an array"; }
- if (!is_array($attributes["container"])) { return "Container attribute must be an array."; }
- if (!array_key_exists("ou_name",$attributes)) { return "Missing compulsory field [ou_name]"; }
- if (!array_key_exists("container",$attributes)) { return "Missing compulsory field [container]"; }
-
- $attributes["container"] = array_reverse($attributes["container"]);
-
- $add=array();
- $add["objectClass"] = "organizationalUnit";
- $add["OU"] = $attributes['ou_name'];
- $containers = "";
- if (count($attributes['container']) > 0) {
- $containers = "OU=" . implode(",OU=", $attributes["container"]) . ",";
- }
-
- $containers = "OU=" . implode(",OU=", $attributes["container"]);
- $result = ldap_add($this->adldap->getLdapConnection(), "OU=" . $add["OU"] . ", " . $containers . $this->adldap->getBaseDn(), $add);
- if ($result != true) {
- return false;
- }
-
- return true;
- }
-
-}
-
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage Folders + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ +require_once(dirname(__FILE__) . '/../adLDAP.php'); + +/** +* FOLDER / OU MANAGEMENT FUNCTIONS +*/ +class adLDAPFolders { + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + public function __construct(adLDAP $adldap) { + $this->adldap = $adldap; + } + + /** + * Delete a distinguished name from Active Directory + * You should never need to call this yourself, just use the wrapper functions user_delete and contact_delete + * + * @param string $dn The distinguished name to delete + * @return bool + */ + public function delete($dn){ + $result = ldap_delete($this->adldap->getLdapConnection(), $dn); + if ($result != true) { + return false; + } + return true; + } + + /** + * Returns a folder listing for a specific OU + * See http://adldap.sourceforge.net/wiki/doku.php?id=api_folder_functions + * + * @param array $folderName An array to the OU you wish to list. + * If set to NULL will list the root, strongly recommended to set + * $recursive to false in that instance! + * @param string $dnType The type of record to list. This can be ADLDAP_FOLDER or ADLDAP_CONTAINER. + * @param bool $recursive Recursively search sub folders + * @param bool $type Specify a type of object to search for + * @return array + */ + public function listing($folderName = NULL, $dnType = adLDAP::ADLDAP_FOLDER, $recursive = NULL, $type = NULL) + { + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it + if (!$this->adldap->getLdapBind()) { return false; } + + $filter = '(&'; + if ($type !== NULL) { + switch ($type) { + case 'contact': + $filter .= '(objectClass=contact)'; + break; + case 'computer': + $filter .= '(objectClass=computer)'; + break; + case 'group': + $filter .= '(objectClass=group)'; + break; + case 'folder': + $filter .= '(objectClass=organizationalUnit)'; + break; + case 'container': + $filter .= '(objectClass=container)'; + break; + case 'domain': + $filter .= '(objectClass=builtinDomain)'; + break; + default: + $filter .= '(objectClass=user)'; + break; + } + } + else { + $filter .= '(objectClass=*)'; + } + // If the folder name is null then we will search the root level of AD + // This requires us to not have an OU= part, just the base_dn + $searchOu = $this->adldap->getBaseDn(); + if (is_array($folderName)) { + $ou = $dnType . "=" . implode("," . $dnType . "=", $folderName); + $filter .= '(!(distinguishedname=' . $ou . ',' . $this->adldap->getBaseDn() . ')))'; + $searchOu = $ou . ',' . $this->adldap->getBaseDn(); + } + else { + $filter .= '(!(distinguishedname=' . $this->adldap->getBaseDn() . ')))'; + } + + if ($recursive === true) { + $sr = ldap_search($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname')); + $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr); + if (is_array($entries)) { + return $entries; + } + } + else { + $sr = ldap_list($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname')); + $entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr); + if (is_array($entries)) { + return $entries; + } + } + + return false; + } + + /** + * Create an organizational unit + * + * @param array $attributes Default attributes of the ou + * @return bool + */ + public function create($attributes) + { + if (!is_array($attributes)){ return "Attributes must be an array"; } + if (!is_array($attributes["container"])) { return "Container attribute must be an array."; } + if (!array_key_exists("ou_name",$attributes)) { return "Missing compulsory field [ou_name]"; } + if (!array_key_exists("container",$attributes)) { return "Missing compulsory field [container]"; } + + $attributes["container"] = array_reverse($attributes["container"]); + + $add=array(); + $add["objectClass"] = "organizationalUnit"; + $add["OU"] = $attributes['ou_name']; + $containers = ""; + if (count($attributes['container']) > 0) { + $containers = "OU=" . implode(",OU=", $attributes["container"]) . ","; + } + + $containers = "OU=" . implode(",OU=", $attributes["container"]); + $result = ldap_add($this->adldap->getLdapConnection(), "OU=" . $add["OU"] . ", " . $containers . $this->adldap->getBaseDn(), $add); + if ($result != true) { + return false; + } + + return true; + } + +} + ?>
\ No newline at end of file diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPGroups.php b/lib/plugins/authad/adLDAP/classes/adLDAPGroups.php index 05e4cc93b..94bc04853 100644 --- a/lib/plugins/authad/adLDAP/classes/adLDAPGroups.php +++ b/lib/plugins/authad/adLDAP/classes/adLDAPGroups.php @@ -1,631 +1,631 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage Groups
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-require_once(dirname(__FILE__) . '/../adLDAP.php');
-require_once(dirname(__FILE__) . '/../collections/adLDAPGroupCollection.php');
-
-/**
-* GROUP FUNCTIONS
-*/
-class adLDAPGroups {
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- public function __construct(adLDAP $adldap) {
- $this->adldap = $adldap;
- }
-
- /**
- * Add a group to a group
- *
- * @param string $parent The parent group name
- * @param string $child The child group name
- * @return bool
- */
- public function addGroup($parent,$child){
-
- // Find the parent group's dn
- $parentGroup = $this->ginfo($parent, array("cn"));
- if ($parentGroup[0]["dn"] === NULL){
- return false;
- }
- $parentDn = $parentGroup[0]["dn"];
-
- // Find the child group's dn
- $childGroup = $this->info($child, array("cn"));
- if ($childGroup[0]["dn"] === NULL){
- return false;
- }
- $childDn = $childGroup[0]["dn"];
-
- $add = array();
- $add["member"] = $childDn;
-
- $result = @ldap_mod_add($this->adldap->getLdapConnection(), $parentDn, $add);
- if ($result == false) {
- return false;
- }
- return true;
- }
-
- /**
- * Add a user to a group
- *
- * @param string $group The group to add the user to
- * @param string $user The user to add to the group
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function addUser($group, $user, $isGUID = false)
- {
- // Adding a user is a bit fiddly, we need to get the full DN of the user
- // and add it using the full DN of the group
-
- // Find the user's dn
- $userDn = $this->adldap->user()->dn($user, $isGUID);
- if ($userDn === false) {
- return false;
- }
-
- // Find the group's dn
- $groupInfo = $this->info($group, array("cn"));
- if ($groupInfo[0]["dn"] === NULL) {
- return false;
- }
- $groupDn = $groupInfo[0]["dn"];
-
- $add = array();
- $add["member"] = $userDn;
-
- $result = @ldap_mod_add($this->adldap->getLdapConnection(), $groupDn, $add);
- if ($result == false) {
- return false;
- }
- return true;
- }
-
- /**
- * Add a contact to a group
- *
- * @param string $group The group to add the contact to
- * @param string $contactDn The DN of the contact to add
- * @return bool
- */
- public function addContact($group, $contactDn)
- {
- // To add a contact we take the contact's DN
- // and add it using the full DN of the group
-
- // Find the group's dn
- $groupInfo = $this->info($group, array("cn"));
- if ($groupInfo[0]["dn"] === NULL) {
- return false;
- }
- $groupDn = $groupInfo[0]["dn"];
-
- $add = array();
- $add["member"] = $contactDn;
-
- $result = @ldap_mod_add($this->adldap->getLdapConnection(), $groupDn, $add);
- if ($result == false) {
- return false;
- }
- return true;
- }
-
- /**
- * Create a group
- *
- * @param array $attributes Default attributes of the group
- * @return bool
- */
- public function create($attributes)
- {
- if (!is_array($attributes)){ return "Attributes must be an array"; }
- if (!array_key_exists("group_name", $attributes)){ return "Missing compulsory field [group_name]"; }
- if (!array_key_exists("container", $attributes)){ return "Missing compulsory field [container]"; }
- if (!array_key_exists("description", $attributes)){ return "Missing compulsory field [description]"; }
- if (!is_array($attributes["container"])){ return "Container attribute must be an array."; }
- $attributes["container"] = array_reverse($attributes["container"]);
-
- //$member_array = array();
- //$member_array[0] = "cn=user1,cn=Users,dc=yourdomain,dc=com";
- //$member_array[1] = "cn=administrator,cn=Users,dc=yourdomain,dc=com";
-
- $add = array();
- $add["cn"] = $attributes["group_name"];
- $add["samaccountname"] = $attributes["group_name"];
- $add["objectClass"] = "Group";
- $add["description"] = $attributes["description"];
- //$add["member"] = $member_array; UNTESTED
-
- $container = "OU=" . implode(",OU=", $attributes["container"]);
- $result = ldap_add($this->adldap->getLdapConnection(), "CN=" . $add["cn"] . ", " . $container . "," . $this->adldap->getBaseDn(), $add);
- if ($result != true) {
- return false;
- }
- return true;
- }
-
- /**
- * Delete a group account
- *
- * @param string $group The group to delete (please be careful here!)
- *
- * @return array
- */
- public function delete($group) {
- if (!$this->adldap->getLdapBind()){ return false; }
- if ($group === null){ return "Missing compulsory field [group]"; }
-
- $groupInfo = $this->info($group, array("*"));
- $dn = $groupInfo[0]['distinguishedname'][0];
- $result = $this->adldap->folder()->delete($dn);
- if ($result !== true) {
- return false;
- } return true;
- }
-
- /**
- * Remove a group from a group
- *
- * @param string $parent The parent group name
- * @param string $child The child group name
- * @return bool
- */
- public function removeGroup($parent , $child)
- {
-
- // Find the parent dn
- $parentGroup = $this->info($parent, array("cn"));
- if ($parentGroup[0]["dn"] === NULL) {
- return false;
- }
- $parentDn = $parentGroup[0]["dn"];
-
- // Find the child dn
- $childGroup = $this->info($child, array("cn"));
- if ($childGroup[0]["dn"] === NULL) {
- return false;
- }
- $childDn = $childGroup[0]["dn"];
-
- $del = array();
- $del["member"] = $childDn;
-
- $result = @ldap_mod_del($this->adldap->getLdapConnection(), $parentDn, $del);
- if ($result == false) {
- return false;
- }
- return true;
- }
-
- /**
- * Remove a user from a group
- *
- * @param string $group The group to remove a user from
- * @param string $user The AD user to remove from the group
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function removeUser($group, $user, $isGUID = false)
- {
-
- // Find the parent dn
- $groupInfo = $this->info($group, array("cn"));
- if ($groupInfo[0]["dn"] === NULL){
- return false;
- }
- $groupDn = $groupInfo[0]["dn"];
-
- // Find the users dn
- $userDn = $this->adldap->user()->dn($user, $isGUID);
- if ($userDn === false) {
- return false;
- }
-
- $del = array();
- $del["member"] = $userDn;
-
- $result = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, $del);
- if ($result == false) {
- return false;
- }
- return true;
- }
-
- /**
- * Remove a contact from a group
- *
- * @param string $group The group to remove a user from
- * @param string $contactDn The DN of a contact to remove from the group
- * @return bool
- */
- public function removeContact($group, $contactDn)
- {
-
- // Find the parent dn
- $groupInfo = $this->info($group, array("cn"));
- if ($groupInfo[0]["dn"] === NULL) {
- return false;
- }
- $groupDn = $groupInfo[0]["dn"];
-
- $del = array();
- $del["member"] = $contactDn;
-
- $result = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, $del);
- if ($result == false) {
- return false;
- }
- return true;
- }
-
- /**
- * Return a list of groups in a group
- *
- * @param string $group The group to query
- * @param bool $recursive Recursively get groups
- * @return array
- */
- public function inGroup($group, $recursive = NULL)
- {
- if (!$this->adldap->getLdapBind()){ return false; }
- if ($recursive === NULL){ $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
-
- // Search the directory for the members of a group
- $info = $this->info($group, array("member","cn"));
- $groups = $info[0]["member"];
- if (!is_array($groups)) {
- return false;
- }
-
- $groupArray = array();
-
- for ($i=0; $i<$groups["count"]; $i++){
- $filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($groups[$i]) . "))";
- $fields = array("samaccountname", "distinguishedname", "objectClass");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- // not a person, look for a group
- if ($entries['count'] == 0 && $recursive == true) {
- $filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($groups[$i]) . "))";
- $fields = array("distinguishedname");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
- if (!isset($entries[0]['distinguishedname'][0])) {
- continue;
- }
- $subGroups = $this->inGroup($entries[0]['distinguishedname'][0], $recursive);
- if (is_array($subGroups)) {
- $groupArray = array_merge($groupArray, $subGroups);
- $groupArray = array_unique($groupArray);
- }
- continue;
- }
-
- $groupArray[] = $entries[0]['distinguishedname'][0];
- }
- return $groupArray;
- }
-
- /**
- * Return a list of members in a group
- *
- * @param string $group The group to query
- * @param bool $recursive Recursively get group members
- * @return array
- */
- public function members($group, $recursive = NULL)
- {
- if (!$this->adldap->getLdapBind()){ return false; }
- if ($recursive === NULL){ $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
- // Search the directory for the members of a group
- $info = $this->info($group, array("member","cn"));
- $users = $info[0]["member"];
- if (!is_array($users)) {
- return false;
- }
-
- $userArray = array();
-
- for ($i=0; $i<$users["count"]; $i++){
- $filter = "(&(objectCategory=person)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($users[$i]) . "))";
- $fields = array("samaccountname", "distinguishedname", "objectClass");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- // not a person, look for a group
- if ($entries['count'] == 0 && $recursive == true) {
- $filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($users[$i]) . "))";
- $fields = array("samaccountname");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
- if (!isset($entries[0]['samaccountname'][0])) {
- continue;
- }
- $subUsers = $this->members($entries[0]['samaccountname'][0], $recursive);
- if (is_array($subUsers)) {
- $userArray = array_merge($userArray, $subUsers);
- $userArray = array_unique($userArray);
- }
- continue;
- }
- else if ($entries['count'] == 0) {
- continue;
- }
-
- if ((!isset($entries[0]['samaccountname'][0]) || $entries[0]['samaccountname'][0] === NULL) && $entries[0]['distinguishedname'][0] !== NULL) {
- $userArray[] = $entries[0]['distinguishedname'][0];
- }
- else if ($entries[0]['samaccountname'][0] !== NULL) {
- $userArray[] = $entries[0]['samaccountname'][0];
- }
- }
- return $userArray;
- }
-
- /**
- * Group Information. Returns an array of raw information about a group.
- * The group name is case sensitive
- *
- * @param string $groupName The group name to retrieve info about
- * @param array $fields Fields to retrieve
- * @return array
- */
- public function info($groupName, $fields = NULL)
- {
- if ($groupName === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- if (stristr($groupName, '+')) {
- $groupName = stripslashes($groupName);
- }
-
- $filter = "(&(objectCategory=group)(name=" . $this->adldap->utilities()->ldapSlashes($groupName) . "))";
- if ($fields === NULL) {
- $fields = array("member","memberof","cn","description","distinguishedname","objectcategory","samaccountname");
- }
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- return $entries;
- }
-
- /**
- * Group Information. Returns an collection
- * The group name is case sensitive
- *
- * @param string $groupName The group name to retrieve info about
- * @param array $fields Fields to retrieve
- * @return adLDAPGroupCollection
- */
- public function infoCollection($groupName, $fields = NULL)
- {
- if ($groupName === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $info = $this->info($groupName, $fields);
- if ($info !== false) {
- $collection = new adLDAPGroupCollection($info, $this->adldap);
- return $collection;
- }
- return false;
- }
-
- /**
- * Return a complete list of "groups in groups"
- *
- * @param string $group The group to get the list from
- * @return array
- */
- public function recursiveGroups($group)
- {
- if ($group === NULL) { return false; }
-
- $stack = array();
- $processed = array();
- $retGroups = array();
-
- array_push($stack, $group); // Initial Group to Start with
- while (count($stack) > 0) {
- $parent = array_pop($stack);
- array_push($processed, $parent);
-
- $info = $this->info($parent, array("memberof"));
-
- if (isset($info[0]["memberof"]) && is_array($info[0]["memberof"])) {
- $groups = $info[0]["memberof"];
- if ($groups) {
- $groupNames = $this->adldap->utilities()->niceNames($groups);
- $retGroups = array_merge($retGroups, $groupNames); //final groups to return
- foreach ($groupNames as $id => $groupName) {
- if (!in_array($groupName, $processed)) {
- array_push($stack, $groupName);
- }
- }
- }
- }
- }
-
- return $retGroups;
- }
-
- /**
- * Returns a complete list of the groups in AD based on a SAM Account Type
- *
- * @param string $sAMAaccountType The account type to return
- * @param bool $includeDescription Whether to return a description
- * @param string $search Search parameters
- * @param bool $sorted Whether to sort the results
- * @return array
- */
- public function search($sAMAaccountType = adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription = false, $search = "*", $sorted = true) {
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $filter = '(&(objectCategory=group)';
- if ($sAMAaccountType !== null) {
- $filter .= '(samaccounttype='. $sAMAaccountType .')';
- }
- $filter .= '(cn=' . $search . '))';
- // Perform the search and grab all their details
- $fields = array("samaccountname", "description");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- $groupsArray = array();
- for ($i=0; $i<$entries["count"]; $i++){
- if ($includeDescription && strlen($entries[$i]["description"][0]) > 0 ) {
- $groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["description"][0];
- }
- else if ($includeDescription){
- $groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0];
- }
- else {
- array_push($groupsArray, $entries[$i]["samaccountname"][0]);
- }
- }
- if ($sorted) {
- asort($groupsArray);
- }
- return $groupsArray;
- }
-
- /**
- * Returns a complete list of all groups in AD
- *
- * @param bool $includeDescription Whether to return a description
- * @param string $search Search parameters
- * @param bool $sorted Whether to sort the results
- * @return array
- */
- public function all($includeDescription = false, $search = "*", $sorted = true){
- $groupsArray = $this->search(null, $includeDescription, $search, $sorted);
- return $groupsArray;
- }
-
- /**
- * Returns a complete list of security groups in AD
- *
- * @param bool $includeDescription Whether to return a description
- * @param string $search Search parameters
- * @param bool $sorted Whether to sort the results
- * @return array
- */
- public function allSecurity($includeDescription = false, $search = "*", $sorted = true){
- $groupsArray = $this->search(adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription, $search, $sorted);
- return $groupsArray;
- }
-
- /**
- * Returns a complete list of distribution lists in AD
- *
- * @param bool $includeDescription Whether to return a description
- * @param string $search Search parameters
- * @param bool $sorted Whether to sort the results
- * @return array
- */
- public function allDistribution($includeDescription = false, $search = "*", $sorted = true){
- $groupsArray = $this->search(adLDAP::ADLDAP_DISTRIBUTION_GROUP, $includeDescription, $search, $sorted);
- return $groupsArray;
- }
-
- /**
- * Coping with AD not returning the primary group
- * http://support.microsoft.com/?kbid=321360
- *
- * This is a re-write based on code submitted by Bruce which prevents the
- * need to search each security group to find the true primary group
- *
- * @param string $gid Group ID
- * @param string $usersid User's Object SID
- * @return mixed
- */
- public function getPrimaryGroup($gid, $usersid)
- {
- if ($gid === NULL || $usersid === NULL) { return false; }
- $sr = false;
-
- $gsid = substr_replace($usersid, pack('V',$gid), strlen($usersid)-4,4);
- $filter = '(objectsid=' . $this->adldap->utilities()->getTextSID($gsid).')';
- $fields = array("samaccountname","distinguishedname");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- if (isset($entries[0]['distinguishedname'][0])) {
- return $entries[0]['distinguishedname'][0];
- }
- return false;
- }
-
- /**
- * Coping with AD not returning the primary group
- * http://support.microsoft.com/?kbid=321360
- *
- * For some reason it's not possible to search on primarygrouptoken=XXX
- * If someone can show otherwise, I'd like to know about it :)
- * this way is resource intensive and generally a pain in the @#%^
- *
- * @deprecated deprecated since version 3.1, see get get_primary_group
- * @param string $gid Group ID
- * @return string
- */
- public function cn($gid){
- if ($gid === NULL) { return false; }
- $sr = false;
- $r = '';
-
- $filter = "(&(objectCategory=group)(samaccounttype=" . adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP . "))";
- $fields = array("primarygrouptoken", "samaccountname", "distinguishedname");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- for ($i=0; $i<$entries["count"]; $i++){
- if ($entries[$i]["primarygrouptoken"][0] == $gid) {
- $r = $entries[$i]["distinguishedname"][0];
- $i = $entries["count"];
- }
- }
-
- return $r;
- }
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage Groups + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ +require_once(dirname(__FILE__) . '/../adLDAP.php'); +require_once(dirname(__FILE__) . '/../collections/adLDAPGroupCollection.php'); + +/** +* GROUP FUNCTIONS +*/ +class adLDAPGroups { + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + public function __construct(adLDAP $adldap) { + $this->adldap = $adldap; + } + + /** + * Add a group to a group + * + * @param string $parent The parent group name + * @param string $child The child group name + * @return bool + */ + public function addGroup($parent,$child){ + + // Find the parent group's dn + $parentGroup = $this->ginfo($parent, array("cn")); + if ($parentGroup[0]["dn"] === NULL){ + return false; + } + $parentDn = $parentGroup[0]["dn"]; + + // Find the child group's dn + $childGroup = $this->info($child, array("cn")); + if ($childGroup[0]["dn"] === NULL){ + return false; + } + $childDn = $childGroup[0]["dn"]; + + $add = array(); + $add["member"] = $childDn; + + $result = @ldap_mod_add($this->adldap->getLdapConnection(), $parentDn, $add); + if ($result == false) { + return false; + } + return true; + } + + /** + * Add a user to a group + * + * @param string $group The group to add the user to + * @param string $user The user to add to the group + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function addUser($group, $user, $isGUID = false) + { + // Adding a user is a bit fiddly, we need to get the full DN of the user + // and add it using the full DN of the group + + // Find the user's dn + $userDn = $this->adldap->user()->dn($user, $isGUID); + if ($userDn === false) { + return false; + } + + // Find the group's dn + $groupInfo = $this->info($group, array("cn")); + if ($groupInfo[0]["dn"] === NULL) { + return false; + } + $groupDn = $groupInfo[0]["dn"]; + + $add = array(); + $add["member"] = $userDn; + + $result = @ldap_mod_add($this->adldap->getLdapConnection(), $groupDn, $add); + if ($result == false) { + return false; + } + return true; + } + + /** + * Add a contact to a group + * + * @param string $group The group to add the contact to + * @param string $contactDn The DN of the contact to add + * @return bool + */ + public function addContact($group, $contactDn) + { + // To add a contact we take the contact's DN + // and add it using the full DN of the group + + // Find the group's dn + $groupInfo = $this->info($group, array("cn")); + if ($groupInfo[0]["dn"] === NULL) { + return false; + } + $groupDn = $groupInfo[0]["dn"]; + + $add = array(); + $add["member"] = $contactDn; + + $result = @ldap_mod_add($this->adldap->getLdapConnection(), $groupDn, $add); + if ($result == false) { + return false; + } + return true; + } + + /** + * Create a group + * + * @param array $attributes Default attributes of the group + * @return bool + */ + public function create($attributes) + { + if (!is_array($attributes)){ return "Attributes must be an array"; } + if (!array_key_exists("group_name", $attributes)){ return "Missing compulsory field [group_name]"; } + if (!array_key_exists("container", $attributes)){ return "Missing compulsory field [container]"; } + if (!array_key_exists("description", $attributes)){ return "Missing compulsory field [description]"; } + if (!is_array($attributes["container"])){ return "Container attribute must be an array."; } + $attributes["container"] = array_reverse($attributes["container"]); + + //$member_array = array(); + //$member_array[0] = "cn=user1,cn=Users,dc=yourdomain,dc=com"; + //$member_array[1] = "cn=administrator,cn=Users,dc=yourdomain,dc=com"; + + $add = array(); + $add["cn"] = $attributes["group_name"]; + $add["samaccountname"] = $attributes["group_name"]; + $add["objectClass"] = "Group"; + $add["description"] = $attributes["description"]; + //$add["member"] = $member_array; UNTESTED + + $container = "OU=" . implode(",OU=", $attributes["container"]); + $result = ldap_add($this->adldap->getLdapConnection(), "CN=" . $add["cn"] . ", " . $container . "," . $this->adldap->getBaseDn(), $add); + if ($result != true) { + return false; + } + return true; + } + + /** + * Delete a group account + * + * @param string $group The group to delete (please be careful here!) + * + * @return array + */ + public function delete($group) { + if (!$this->adldap->getLdapBind()){ return false; } + if ($group === null){ return "Missing compulsory field [group]"; } + + $groupInfo = $this->info($group, array("*")); + $dn = $groupInfo[0]['distinguishedname'][0]; + $result = $this->adldap->folder()->delete($dn); + if ($result !== true) { + return false; + } return true; + } + + /** + * Remove a group from a group + * + * @param string $parent The parent group name + * @param string $child The child group name + * @return bool + */ + public function removeGroup($parent , $child) + { + + // Find the parent dn + $parentGroup = $this->info($parent, array("cn")); + if ($parentGroup[0]["dn"] === NULL) { + return false; + } + $parentDn = $parentGroup[0]["dn"]; + + // Find the child dn + $childGroup = $this->info($child, array("cn")); + if ($childGroup[0]["dn"] === NULL) { + return false; + } + $childDn = $childGroup[0]["dn"]; + + $del = array(); + $del["member"] = $childDn; + + $result = @ldap_mod_del($this->adldap->getLdapConnection(), $parentDn, $del); + if ($result == false) { + return false; + } + return true; + } + + /** + * Remove a user from a group + * + * @param string $group The group to remove a user from + * @param string $user The AD user to remove from the group + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function removeUser($group, $user, $isGUID = false) + { + + // Find the parent dn + $groupInfo = $this->info($group, array("cn")); + if ($groupInfo[0]["dn"] === NULL){ + return false; + } + $groupDn = $groupInfo[0]["dn"]; + + // Find the users dn + $userDn = $this->adldap->user()->dn($user, $isGUID); + if ($userDn === false) { + return false; + } + + $del = array(); + $del["member"] = $userDn; + + $result = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, $del); + if ($result == false) { + return false; + } + return true; + } + + /** + * Remove a contact from a group + * + * @param string $group The group to remove a user from + * @param string $contactDn The DN of a contact to remove from the group + * @return bool + */ + public function removeContact($group, $contactDn) + { + + // Find the parent dn + $groupInfo = $this->info($group, array("cn")); + if ($groupInfo[0]["dn"] === NULL) { + return false; + } + $groupDn = $groupInfo[0]["dn"]; + + $del = array(); + $del["member"] = $contactDn; + + $result = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, $del); + if ($result == false) { + return false; + } + return true; + } + + /** + * Return a list of groups in a group + * + * @param string $group The group to query + * @param bool $recursive Recursively get groups + * @return array + */ + public function inGroup($group, $recursive = NULL) + { + if (!$this->adldap->getLdapBind()){ return false; } + if ($recursive === NULL){ $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it + + // Search the directory for the members of a group + $info = $this->info($group, array("member","cn")); + $groups = $info[0]["member"]; + if (!is_array($groups)) { + return false; + } + + $groupArray = array(); + + for ($i=0; $i<$groups["count"]; $i++){ + $filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($groups[$i]) . "))"; + $fields = array("samaccountname", "distinguishedname", "objectClass"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + // not a person, look for a group + if ($entries['count'] == 0 && $recursive == true) { + $filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($groups[$i]) . "))"; + $fields = array("distinguishedname"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + if (!isset($entries[0]['distinguishedname'][0])) { + continue; + } + $subGroups = $this->inGroup($entries[0]['distinguishedname'][0], $recursive); + if (is_array($subGroups)) { + $groupArray = array_merge($groupArray, $subGroups); + $groupArray = array_unique($groupArray); + } + continue; + } + + $groupArray[] = $entries[0]['distinguishedname'][0]; + } + return $groupArray; + } + + /** + * Return a list of members in a group + * + * @param string $group The group to query + * @param bool $recursive Recursively get group members + * @return array + */ + public function members($group, $recursive = NULL) + { + if (!$this->adldap->getLdapBind()){ return false; } + if ($recursive === NULL){ $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it + // Search the directory for the members of a group + $info = $this->info($group, array("member","cn")); + $users = $info[0]["member"]; + if (!is_array($users)) { + return false; + } + + $userArray = array(); + + for ($i=0; $i<$users["count"]; $i++){ + $filter = "(&(objectCategory=person)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($users[$i]) . "))"; + $fields = array("samaccountname", "distinguishedname", "objectClass"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + // not a person, look for a group + if ($entries['count'] == 0 && $recursive == true) { + $filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($users[$i]) . "))"; + $fields = array("samaccountname"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + if (!isset($entries[0]['samaccountname'][0])) { + continue; + } + $subUsers = $this->members($entries[0]['samaccountname'][0], $recursive); + if (is_array($subUsers)) { + $userArray = array_merge($userArray, $subUsers); + $userArray = array_unique($userArray); + } + continue; + } + else if ($entries['count'] == 0) { + continue; + } + + if ((!isset($entries[0]['samaccountname'][0]) || $entries[0]['samaccountname'][0] === NULL) && $entries[0]['distinguishedname'][0] !== NULL) { + $userArray[] = $entries[0]['distinguishedname'][0]; + } + else if ($entries[0]['samaccountname'][0] !== NULL) { + $userArray[] = $entries[0]['samaccountname'][0]; + } + } + return $userArray; + } + + /** + * Group Information. Returns an array of raw information about a group. + * The group name is case sensitive + * + * @param string $groupName The group name to retrieve info about + * @param array $fields Fields to retrieve + * @return array + */ + public function info($groupName, $fields = NULL) + { + if ($groupName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + if (stristr($groupName, '+')) { + $groupName = stripslashes($groupName); + } + + $filter = "(&(objectCategory=group)(name=" . $this->adldap->utilities()->ldapSlashes($groupName) . "))"; + if ($fields === NULL) { + $fields = array("member","memberof","cn","description","distinguishedname","objectcategory","samaccountname"); + } + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + return $entries; + } + + /** + * Group Information. Returns an collection + * The group name is case sensitive + * + * @param string $groupName The group name to retrieve info about + * @param array $fields Fields to retrieve + * @return adLDAPGroupCollection + */ + public function infoCollection($groupName, $fields = NULL) + { + if ($groupName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $info = $this->info($groupName, $fields); + if ($info !== false) { + $collection = new adLDAPGroupCollection($info, $this->adldap); + return $collection; + } + return false; + } + + /** + * Return a complete list of "groups in groups" + * + * @param string $group The group to get the list from + * @return array + */ + public function recursiveGroups($group) + { + if ($group === NULL) { return false; } + + $stack = array(); + $processed = array(); + $retGroups = array(); + + array_push($stack, $group); // Initial Group to Start with + while (count($stack) > 0) { + $parent = array_pop($stack); + array_push($processed, $parent); + + $info = $this->info($parent, array("memberof")); + + if (isset($info[0]["memberof"]) && is_array($info[0]["memberof"])) { + $groups = $info[0]["memberof"]; + if ($groups) { + $groupNames = $this->adldap->utilities()->niceNames($groups); + $retGroups = array_merge($retGroups, $groupNames); //final groups to return + foreach ($groupNames as $id => $groupName) { + if (!in_array($groupName, $processed)) { + array_push($stack, $groupName); + } + } + } + } + } + + return $retGroups; + } + + /** + * Returns a complete list of the groups in AD based on a SAM Account Type + * + * @param string $sAMAaccountType The account type to return + * @param bool $includeDescription Whether to return a description + * @param string $search Search parameters + * @param bool $sorted Whether to sort the results + * @return array + */ + public function search($sAMAaccountType = adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription = false, $search = "*", $sorted = true) { + if (!$this->adldap->getLdapBind()) { return false; } + + $filter = '(&(objectCategory=group)'; + if ($sAMAaccountType !== null) { + $filter .= '(samaccounttype='. $sAMAaccountType .')'; + } + $filter .= '(cn=' . $search . '))'; + // Perform the search and grab all their details + $fields = array("samaccountname", "description"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + $groupsArray = array(); + for ($i=0; $i<$entries["count"]; $i++){ + if ($includeDescription && strlen($entries[$i]["description"][0]) > 0 ) { + $groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["description"][0]; + } + else if ($includeDescription){ + $groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0]; + } + else { + array_push($groupsArray, $entries[$i]["samaccountname"][0]); + } + } + if ($sorted) { + asort($groupsArray); + } + return $groupsArray; + } + + /** + * Returns a complete list of all groups in AD + * + * @param bool $includeDescription Whether to return a description + * @param string $search Search parameters + * @param bool $sorted Whether to sort the results + * @return array + */ + public function all($includeDescription = false, $search = "*", $sorted = true){ + $groupsArray = $this->search(null, $includeDescription, $search, $sorted); + return $groupsArray; + } + + /** + * Returns a complete list of security groups in AD + * + * @param bool $includeDescription Whether to return a description + * @param string $search Search parameters + * @param bool $sorted Whether to sort the results + * @return array + */ + public function allSecurity($includeDescription = false, $search = "*", $sorted = true){ + $groupsArray = $this->search(adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription, $search, $sorted); + return $groupsArray; + } + + /** + * Returns a complete list of distribution lists in AD + * + * @param bool $includeDescription Whether to return a description + * @param string $search Search parameters + * @param bool $sorted Whether to sort the results + * @return array + */ + public function allDistribution($includeDescription = false, $search = "*", $sorted = true){ + $groupsArray = $this->search(adLDAP::ADLDAP_DISTRIBUTION_GROUP, $includeDescription, $search, $sorted); + return $groupsArray; + } + + /** + * Coping with AD not returning the primary group + * http://support.microsoft.com/?kbid=321360 + * + * This is a re-write based on code submitted by Bruce which prevents the + * need to search each security group to find the true primary group + * + * @param string $gid Group ID + * @param string $usersid User's Object SID + * @return mixed + */ + public function getPrimaryGroup($gid, $usersid) + { + if ($gid === NULL || $usersid === NULL) { return false; } + $sr = false; + + $gsid = substr_replace($usersid, pack('V',$gid), strlen($usersid)-4,4); + $filter = '(objectsid=' . $this->adldap->utilities()->getTextSID($gsid).')'; + $fields = array("samaccountname","distinguishedname"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + if (isset($entries[0]['distinguishedname'][0])) { + return $entries[0]['distinguishedname'][0]; + } + return false; + } + + /** + * Coping with AD not returning the primary group + * http://support.microsoft.com/?kbid=321360 + * + * For some reason it's not possible to search on primarygrouptoken=XXX + * If someone can show otherwise, I'd like to know about it :) + * this way is resource intensive and generally a pain in the @#%^ + * + * @deprecated deprecated since version 3.1, see get get_primary_group + * @param string $gid Group ID + * @return string + */ + public function cn($gid){ + if ($gid === NULL) { return false; } + $sr = false; + $r = ''; + + $filter = "(&(objectCategory=group)(samaccounttype=" . adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP . "))"; + $fields = array("primarygrouptoken", "samaccountname", "distinguishedname"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + for ($i=0; $i<$entries["count"]; $i++){ + if ($entries[$i]["primarygrouptoken"][0] == $gid) { + $r = $entries[$i]["distinguishedname"][0]; + $i = $entries["count"]; + } + } + + return $r; + } +} +?> diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPUsers.php b/lib/plugins/authad/adLDAP/classes/adLDAPUsers.php index 96a93b512..839fd592d 100644 --- a/lib/plugins/authad/adLDAP/classes/adLDAPUsers.php +++ b/lib/plugins/authad/adLDAP/classes/adLDAPUsers.php @@ -1,682 +1,682 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage User
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-require_once(dirname(__FILE__) . '/../adLDAP.php');
-require_once(dirname(__FILE__) . '/../collections/adLDAPUserCollection.php');
-
-/**
-* USER FUNCTIONS
-*/
-class adLDAPUsers {
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- public function __construct(adLDAP $adldap) {
- $this->adldap = $adldap;
- }
-
- /**
- * Validate a user's login credentials
- *
- * @param string $username A user's AD username
- * @param string $password A user's AD password
- * @param bool optional $prevent_rebind
- * @return bool
- */
- public function authenticate($username, $password, $preventRebind = false) {
- return $this->adldap->authenticate($username, $password, $preventRebind);
- }
-
- /**
- * Create a user
- *
- * If you specify a password here, this can only be performed over SSL
- *
- * @param array $attributes The attributes to set to the user account
- * @return bool
- */
- public function create($attributes)
- {
- // Check for compulsory fields
- if (!array_key_exists("username", $attributes)){ return "Missing compulsory field [username]"; }
- if (!array_key_exists("firstname", $attributes)){ return "Missing compulsory field [firstname]"; }
- if (!array_key_exists("surname", $attributes)){ return "Missing compulsory field [surname]"; }
- if (!array_key_exists("email", $attributes)){ return "Missing compulsory field [email]"; }
- if (!array_key_exists("container", $attributes)){ return "Missing compulsory field [container]"; }
- if (!is_array($attributes["container"])){ return "Container attribute must be an array."; }
-
- if (array_key_exists("password",$attributes) && (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS())){
- throw new adLDAPException('SSL must be configured on your webserver and enabled in the class to set passwords.');
- }
-
- if (!array_key_exists("display_name", $attributes)) {
- $attributes["display_name"] = $attributes["firstname"] . " " . $attributes["surname"];
- }
-
- // Translate the schema
- $add = $this->adldap->adldap_schema($attributes);
-
- // Additional stuff only used for adding accounts
- $add["cn"][0] = $attributes["display_name"];
- $add["samaccountname"][0] = $attributes["username"];
- $add["objectclass"][0] = "top";
- $add["objectclass"][1] = "person";
- $add["objectclass"][2] = "organizationalPerson";
- $add["objectclass"][3] = "user"; //person?
- //$add["name"][0]=$attributes["firstname"]." ".$attributes["surname"];
-
- // Set the account control attribute
- $control_options = array("NORMAL_ACCOUNT");
- if (!$attributes["enabled"]) {
- $control_options[] = "ACCOUNTDISABLE";
- }
- $add["userAccountControl"][0] = $this->accountControl($control_options);
-
- // Determine the container
- $attributes["container"] = array_reverse($attributes["container"]);
- $container = "OU=" . implode(", OU=",$attributes["container"]);
-
- // Add the entry
- $result = @ldap_add($this->adldap->getLdapConnection(), "CN=" . $add["cn"][0] . ", " . $container . "," . $this->adldap->getBaseDn(), $add);
- if ($result != true) {
- return false;
- }
-
- return true;
- }
-
- /**
- * Account control options
- *
- * @param array $options The options to convert to int
- * @return int
- */
- protected function accountControl($options)
- {
- $val=0;
-
- if (is_array($options)) {
- if (in_array("SCRIPT",$options)){ $val=$val+1; }
- if (in_array("ACCOUNTDISABLE",$options)){ $val=$val+2; }
- if (in_array("HOMEDIR_REQUIRED",$options)){ $val=$val+8; }
- if (in_array("LOCKOUT",$options)){ $val=$val+16; }
- if (in_array("PASSWD_NOTREQD",$options)){ $val=$val+32; }
- //PASSWD_CANT_CHANGE Note You cannot assign this permission by directly modifying the UserAccountControl attribute.
- //For information about how to set the permission programmatically, see the "Property flag descriptions" section.
- if (in_array("ENCRYPTED_TEXT_PWD_ALLOWED",$options)){ $val=$val+128; }
- if (in_array("TEMP_DUPLICATE_ACCOUNT",$options)){ $val=$val+256; }
- if (in_array("NORMAL_ACCOUNT",$options)){ $val=$val+512; }
- if (in_array("INTERDOMAIN_TRUST_ACCOUNT",$options)){ $val=$val+2048; }
- if (in_array("WORKSTATION_TRUST_ACCOUNT",$options)){ $val=$val+4096; }
- if (in_array("SERVER_TRUST_ACCOUNT",$options)){ $val=$val+8192; }
- if (in_array("DONT_EXPIRE_PASSWORD",$options)){ $val=$val+65536; }
- if (in_array("MNS_LOGON_ACCOUNT",$options)){ $val=$val+131072; }
- if (in_array("SMARTCARD_REQUIRED",$options)){ $val=$val+262144; }
- if (in_array("TRUSTED_FOR_DELEGATION",$options)){ $val=$val+524288; }
- if (in_array("NOT_DELEGATED",$options)){ $val=$val+1048576; }
- if (in_array("USE_DES_KEY_ONLY",$options)){ $val=$val+2097152; }
- if (in_array("DONT_REQ_PREAUTH",$options)){ $val=$val+4194304; }
- if (in_array("PASSWORD_EXPIRED",$options)){ $val=$val+8388608; }
- if (in_array("TRUSTED_TO_AUTH_FOR_DELEGATION",$options)){ $val=$val+16777216; }
- }
- return $val;
- }
-
- /**
- * Delete a user account
- *
- * @param string $username The username to delete (please be careful here!)
- * @param bool $isGUID Is the username a GUID or a samAccountName
- * @return array
- */
- public function delete($username, $isGUID = false)
- {
- $userinfo = $this->info($username, array("*"), $isGUID);
- $dn = $userinfo[0]['distinguishedname'][0];
- $result = $this->adldap->folder()->delete($dn);
- if ($result != true) {
- return false;
- }
- return true;
- }
-
- /**
- * Groups the user is a member of
- *
- * @param string $username The username to query
- * @param bool $recursive Recursive list of groups
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return array
- */
- public function groups($username, $recursive = NULL, $isGUID = false)
- {
- if ($username === NULL) { return false; }
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
- if (!$this->adldap->getLdapBind()) { return false; }
-
- // Search the directory for their information
- $info = @$this->info($username, array("memberof", "primarygroupid"), $isGUID);
- $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); // Presuming the entry returned is our guy (unique usernames)
-
- if ($recursive === true){
- foreach ($groups as $id => $groupName){
- $extraGroups = $this->adldap->group()->recursiveGroups($groupName);
- $groups = array_merge($groups, $extraGroups);
- }
- }
-
- return $groups;
- }
-
- /**
- * Find information about the users. Returned in a raw array format from AD
- *
- * @param string $username The username to query
- * @param array $fields Array of parameters to query
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return array
- */
- public function info($username, $fields = NULL, $isGUID = false)
- {
- if ($username === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- if ($isGUID === true) {
- $username = $this->adldap->utilities()->strGuidToHex($username);
- $filter = "objectguid=" . $username;
- }
- else if (strstr($username, "@")) {
- $filter = "userPrincipalName=" . $username;
- }
- else {
- $filter = "samaccountname=" . $username;
- }
- $filter = "(&(objectCategory=person)({$filter}))";
- if ($fields === NULL) {
- $fields = array("samaccountname","mail","memberof","department","displayname","telephonenumber","primarygroupid","objectsid");
- }
- if (!in_array("objectsid", $fields)) {
- $fields[] = "objectsid";
- }
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- if (isset($entries[0])) {
- if ($entries[0]['count'] >= 1) {
- if (in_array("memberof", $fields)) {
- // AD does not return the primary group in the ldap query, we may need to fudge it
- if ($this->adldap->getRealPrimaryGroup() && isset($entries[0]["primarygroupid"][0]) && isset($entries[0]["objectsid"][0])){
- //$entries[0]["memberof"][]=$this->group_cn($entries[0]["primarygroupid"][0]);
- $entries[0]["memberof"][] = $this->adldap->group()->getPrimaryGroup($entries[0]["primarygroupid"][0], $entries[0]["objectsid"][0]);
- } else {
- $entries[0]["memberof"][] = "CN=Domain Users,CN=Users," . $this->adldap->getBaseDn();
- }
- if (!isset($entries[0]["memberof"]["count"])) {
- $entries[0]["memberof"]["count"] = 0;
- }
- $entries[0]["memberof"]["count"]++;
- }
- }
-
- return $entries;
- }
- return false;
- }
-
- /**
- * Find information about the users. Returned in a raw array format from AD
- *
- * @param string $username The username to query
- * @param array $fields Array of parameters to query
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return mixed
- */
- public function infoCollection($username, $fields = NULL, $isGUID = false)
- {
- if ($username === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
-
- $info = $this->info($username, $fields, $isGUID);
-
- if ($info !== false) {
- $collection = new adLDAPUserCollection($info, $this->adldap);
- return $collection;
- }
- return false;
- }
-
- /**
- * Determine if a user is in a specific group
- *
- * @param string $username The username to query
- * @param string $group The name of the group to check against
- * @param bool $recursive Check groups recursively
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function inGroup($username, $group, $recursive = NULL, $isGUID = false)
- {
- if ($username === NULL) { return false; }
- if ($group === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
- if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
-
- // Get a list of the groups
- $groups = $this->groups($username, $recursive, $isGUID);
-
- // Return true if the specified group is in the group list
- if (in_array($group, $groups)) {
- return true;
- }
-
- return false;
- }
-
- /**
- * Determine a user's password expiry date
- *
- * @param string $username The username to query
- * @param book $isGUID Is the username passed a GUID or a samAccountName
- * @requires bcmath http://www.php.net/manual/en/book.bc.php
- * @return array
- */
- public function passwordExpiry($username, $isGUID = false)
- {
- if ($username === NULL) { return "Missing compulsory field [username]"; }
- if (!$this->adldap->getLdapBind()) { return false; }
- if (!function_exists('bcmod')) { throw new adLDAPException("Missing function support [bcmod] http://www.php.net/manual/en/book.bc.php"); };
-
- $userInfo = $this->info($username, array("pwdlastset", "useraccountcontrol"), $isGUID);
- $pwdLastSet = $userInfo[0]['pwdlastset'][0];
- $status = array();
-
- if ($userInfo[0]['useraccountcontrol'][0] == '66048') {
- // Password does not expire
- return "Does not expire";
- }
- if ($pwdLastSet === '0') {
- // Password has already expired
- return "Password has expired";
- }
-
- // Password expiry in AD can be calculated from TWO values:
- // - User's own pwdLastSet attribute: stores the last time the password was changed
- // - Domain's maxPwdAge attribute: how long passwords last in the domain
- //
- // Although Microsoft chose to use a different base and unit for time measurements.
- // This function will convert them to Unix timestamps
- $sr = ldap_read($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), 'objectclass=*', array('maxPwdAge'));
- if (!$sr) {
- return false;
- }
- $info = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
- $maxPwdAge = $info[0]['maxpwdage'][0];
-
-
- // See MSDN: http://msdn.microsoft.com/en-us/library/ms974598.aspx
- //
- // pwdLastSet contains the number of 100 nanosecond intervals since January 1, 1601 (UTC),
- // stored in a 64 bit integer.
- //
- // The number of seconds between this date and Unix epoch is 11644473600.
- //
- // maxPwdAge is stored as a large integer that represents the number of 100 nanosecond
- // intervals from the time the password was set before the password expires.
- //
- // We also need to scale this to seconds but also this value is a _negative_ quantity!
- //
- // If the low 32 bits of maxPwdAge are equal to 0 passwords do not expire
- //
- // Unfortunately the maths involved are too big for PHP integers, so I've had to require
- // BCMath functions to work with arbitrary precision numbers.
- if (bcmod($maxPwdAge, 4294967296) === '0') {
- return "Domain does not expire passwords";
- }
-
- // Add maxpwdage and pwdlastset and we get password expiration time in Microsoft's
- // time units. Because maxpwd age is negative we need to subtract it.
- $pwdExpire = bcsub($pwdLastSet, $maxPwdAge);
-
- // Convert MS's time to Unix time
- $status['expiryts'] = bcsub(bcdiv($pwdExpire, '10000000'), '11644473600');
- $status['expiryformat'] = date('Y-m-d H:i:s', bcsub(bcdiv($pwdExpire, '10000000'), '11644473600'));
-
- return $status;
- }
-
- /**
- * Modify a user
- *
- * @param string $username The username to query
- * @param array $attributes The attributes to modify. Note if you set the enabled attribute you must not specify any other attributes
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function modify($username, $attributes, $isGUID = false)
- {
- if ($username === NULL) { return "Missing compulsory field [username]"; }
- if (array_key_exists("password", $attributes) && !$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) {
- throw new adLDAPException('SSL/TLS must be configured on your webserver and enabled in the class to set passwords.');
- }
-
- // Find the dn of the user
- $userDn = $this->dn($username, $isGUID);
- if ($userDn === false) {
- return false;
- }
-
- // Translate the update to the LDAP schema
- $mod = $this->adldap->adldap_schema($attributes);
-
- // Check to see if this is an enabled status update
- if (!$mod && !array_key_exists("enabled", $attributes)){
- return false;
- }
-
- // Set the account control attribute (only if specified)
- if (array_key_exists("enabled", $attributes)){
- if ($attributes["enabled"]){
- $controlOptions = array("NORMAL_ACCOUNT");
- }
- else {
- $controlOptions = array("NORMAL_ACCOUNT", "ACCOUNTDISABLE");
- }
- $mod["userAccountControl"][0] = $this->accountControl($controlOptions);
- }
-
- // Do the update
- $result = @ldap_modify($this->adldap->getLdapConnection(), $userDn, $mod);
- if ($result == false) {
- return false;
- }
-
- return true;
- }
-
- /**
- * Disable a user account
- *
- * @param string $username The username to disable
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function disable($username, $isGUID = false)
- {
- if ($username === NULL) { return "Missing compulsory field [username]"; }
- $attributes = array("enabled" => 0);
- $result = $this->modify($username, $attributes, $isGUID);
- if ($result == false) { return false; }
-
- return true;
- }
-
- /**
- * Enable a user account
- *
- * @param string $username The username to enable
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function enable($username, $isGUID = false)
- {
- if ($username === NULL) { return "Missing compulsory field [username]"; }
- $attributes = array("enabled" => 1);
- $result = $this->modify($username, $attributes, $isGUID);
- if ($result == false) { return false; }
-
- return true;
- }
-
- /**
- * Set the password of a user - This must be performed over SSL
- *
- * @param string $username The username to modify
- * @param string $password The new password
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return bool
- */
- public function password($username, $password, $isGUID = false)
- {
- if ($username === NULL) { return false; }
- if ($password === NULL) { return false; }
- if (!$this->adldap->getLdapBind()) { return false; }
- if (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) {
- throw new adLDAPException('SSL must be configured on your webserver and enabled in the class to set passwords.');
- }
-
- $userDn = $this->dn($username, $isGUID);
- if ($userDn === false) {
- return false;
- }
-
- $add=array();
- $add["unicodePwd"][0] = $this->encodePassword($password);
-
- $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $add);
- if ($result === false){
- $err = ldap_errno($this->adldap->getLdapConnection());
- if ($err) {
- $msg = 'Error ' . $err . ': ' . ldap_err2str($err) . '.';
- if($err == 53) {
- $msg .= ' Your password might not match the password policy.';
- }
- throw new adLDAPException($msg);
- }
- else {
- return false;
- }
- }
-
- return true;
- }
-
- /**
- * Encode a password for transmission over LDAP
- *
- * @param string $password The password to encode
- * @return string
- */
- public function encodePassword($password)
- {
- $password="\"".$password."\"";
- $encoded="";
- for ($i=0; $i <strlen($password); $i++){ $encoded.="{$password{$i}}\000"; }
- return $encoded;
- }
-
- /**
- * Obtain the user's distinguished name based on their userid
- *
- *
- * @param string $username The username
- * @param bool $isGUID Is the username passed a GUID or a samAccountName
- * @return string
- */
- public function dn($username, $isGUID=false)
- {
- $user = $this->info($username, array("cn"), $isGUID);
- if ($user[0]["dn"] === NULL) {
- return false;
- }
- $userDn = $user[0]["dn"];
- return $userDn;
- }
-
- /**
- * Return a list of all users in AD
- *
- * @param bool $includeDescription Return a description of the user
- * @param string $search Search parameter
- * @param bool $sorted Sort the user accounts
- * @return array
- */
- public function all($includeDescription = false, $search = "*", $sorted = true)
- {
- if (!$this->adldap->getLdapBind()) { return false; }
-
- // Perform the search and grab all their details
- $filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)(cn=" . $search . "))";
- $fields = array("samaccountname","displayname");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- $usersArray = array();
- for ($i=0; $i<$entries["count"]; $i++){
- if ($includeDescription && strlen($entries[$i]["displayname"][0])>0){
- $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["displayname"][0];
- } elseif ($includeDescription){
- $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0];
- } else {
- array_push($usersArray, $entries[$i]["samaccountname"][0]);
- }
- }
- if ($sorted) {
- asort($usersArray);
- }
- return $usersArray;
- }
-
- /**
- * Converts a username (samAccountName) to a GUID
- *
- * @param string $username The username to query
- * @return string
- */
- public function usernameToGuid($username)
- {
- if (!$this->adldap->getLdapBind()){ return false; }
- if ($username === null){ return "Missing compulsory field [username]"; }
-
- $filter = "samaccountname=" . $username;
- $fields = array("objectGUID");
- $sr = @ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- if (ldap_count_entries($this->adldap->getLdapConnection(), $sr) > 0) {
- $entry = @ldap_first_entry($this->adldap->getLdapConnection(), $sr);
- $guid = @ldap_get_values_len($this->adldap->getLdapConnection(), $entry, 'objectGUID');
- $strGUID = $this->adldap->utilities()->binaryToText($guid[0]);
- return $strGUID;
- }
- return false;
- }
-
- /**
- * Return a list of all users in AD that have a specific value in a field
- *
- * @param bool $includeDescription Return a description of the user
- * @param string $searchField Field to search search for
- * @param string $searchFilter Value to search for in the specified field
- * @param bool $sorted Sort the user accounts
- * @return array
- */
- public function find($includeDescription = false, $searchField = false, $searchFilter = false, $sorted = true){
- if (!$this->adldap->getLdapBind()){ return false; }
-
- // Perform the search and grab all their details
- $searchParams = "";
- if ($searchField) {
- $searchParams = "(" . $searchField . "=" . $searchFilter . ")";
- }
- $filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)" . $searchParams . ")";
- $fields = array("samaccountname","displayname");
- $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
- $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
-
- $usersArray = array();
- for ($i=0; $i < $entries["count"]; $i++) {
- if ($includeDescription && strlen($entries[$i]["displayname"][0]) > 0) {
- $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["displayname"][0];
- }
- else if ($includeDescription) {
- $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0];
- }
- else {
- array_push($usersArray, $entries[$i]["samaccountname"][0]);
- }
- }
- if ($sorted){
- asort($usersArray);
- }
- return ($usersArray);
- }
-
- /**
- * Move a user account to a different OU
- *
- * @param string $username The username to move (please be careful here!)
- * @param array $container The container or containers to move the user to (please be careful here!).
- * accepts containers in 1. parent 2. child order
- * @return array
- */
- public function move($username, $container)
- {
- if (!$this->adldap->getLdapBind()) { return false; }
- if ($username === null) { return "Missing compulsory field [username]"; }
- if ($container === null) { return "Missing compulsory field [container]"; }
- if (!is_array($container)) { return "Container must be an array"; }
-
- $userInfo = $this->info($username, array("*"));
- $dn = $userInfo[0]['distinguishedname'][0];
- $newRDn = "cn=" . $username;
- $container = array_reverse($container);
- $newContainer = "ou=" . implode(",ou=",$container);
- $newBaseDn = strtolower($newContainer) . "," . $this->adldap->getBaseDn();
- $result = @ldap_rename($this->adldap->getLdapConnection(), $dn, $newRDn, $newBaseDn, true);
- if ($result !== true) {
- return false;
- }
- return true;
- }
-
- /**
- * Get the last logon time of any user as a Unix timestamp
- *
- * @param string $username
- * @return long $unixTimestamp
- */
- public function getLastLogon($username) {
- if (!$this->adldap->getLdapBind()) { return false; }
- if ($username === null) { return "Missing compulsory field [username]"; }
- $userInfo = $this->info($username, array("lastLogonTimestamp"));
- $lastLogon = adLDAPUtils::convertWindowsTimeToUnixTime($userInfo[0]['lastLogonTimestamp'][0]);
- return $lastLogon;
- }
-
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage User + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ +require_once(dirname(__FILE__) . '/../adLDAP.php'); +require_once(dirname(__FILE__) . '/../collections/adLDAPUserCollection.php'); + +/** +* USER FUNCTIONS +*/ +class adLDAPUsers { + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + public function __construct(adLDAP $adldap) { + $this->adldap = $adldap; + } + + /** + * Validate a user's login credentials + * + * @param string $username A user's AD username + * @param string $password A user's AD password + * @param bool optional $prevent_rebind + * @return bool + */ + public function authenticate($username, $password, $preventRebind = false) { + return $this->adldap->authenticate($username, $password, $preventRebind); + } + + /** + * Create a user + * + * If you specify a password here, this can only be performed over SSL + * + * @param array $attributes The attributes to set to the user account + * @return bool + */ + public function create($attributes) + { + // Check for compulsory fields + if (!array_key_exists("username", $attributes)){ return "Missing compulsory field [username]"; } + if (!array_key_exists("firstname", $attributes)){ return "Missing compulsory field [firstname]"; } + if (!array_key_exists("surname", $attributes)){ return "Missing compulsory field [surname]"; } + if (!array_key_exists("email", $attributes)){ return "Missing compulsory field [email]"; } + if (!array_key_exists("container", $attributes)){ return "Missing compulsory field [container]"; } + if (!is_array($attributes["container"])){ return "Container attribute must be an array."; } + + if (array_key_exists("password",$attributes) && (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS())){ + throw new adLDAPException('SSL must be configured on your webserver and enabled in the class to set passwords.'); + } + + if (!array_key_exists("display_name", $attributes)) { + $attributes["display_name"] = $attributes["firstname"] . " " . $attributes["surname"]; + } + + // Translate the schema + $add = $this->adldap->adldap_schema($attributes); + + // Additional stuff only used for adding accounts + $add["cn"][0] = $attributes["display_name"]; + $add["samaccountname"][0] = $attributes["username"]; + $add["objectclass"][0] = "top"; + $add["objectclass"][1] = "person"; + $add["objectclass"][2] = "organizationalPerson"; + $add["objectclass"][3] = "user"; //person? + //$add["name"][0]=$attributes["firstname"]." ".$attributes["surname"]; + + // Set the account control attribute + $control_options = array("NORMAL_ACCOUNT"); + if (!$attributes["enabled"]) { + $control_options[] = "ACCOUNTDISABLE"; + } + $add["userAccountControl"][0] = $this->accountControl($control_options); + + // Determine the container + $attributes["container"] = array_reverse($attributes["container"]); + $container = "OU=" . implode(", OU=",$attributes["container"]); + + // Add the entry + $result = @ldap_add($this->adldap->getLdapConnection(), "CN=" . $add["cn"][0] . ", " . $container . "," . $this->adldap->getBaseDn(), $add); + if ($result != true) { + return false; + } + + return true; + } + + /** + * Account control options + * + * @param array $options The options to convert to int + * @return int + */ + protected function accountControl($options) + { + $val=0; + + if (is_array($options)) { + if (in_array("SCRIPT",$options)){ $val=$val+1; } + if (in_array("ACCOUNTDISABLE",$options)){ $val=$val+2; } + if (in_array("HOMEDIR_REQUIRED",$options)){ $val=$val+8; } + if (in_array("LOCKOUT",$options)){ $val=$val+16; } + if (in_array("PASSWD_NOTREQD",$options)){ $val=$val+32; } + //PASSWD_CANT_CHANGE Note You cannot assign this permission by directly modifying the UserAccountControl attribute. + //For information about how to set the permission programmatically, see the "Property flag descriptions" section. + if (in_array("ENCRYPTED_TEXT_PWD_ALLOWED",$options)){ $val=$val+128; } + if (in_array("TEMP_DUPLICATE_ACCOUNT",$options)){ $val=$val+256; } + if (in_array("NORMAL_ACCOUNT",$options)){ $val=$val+512; } + if (in_array("INTERDOMAIN_TRUST_ACCOUNT",$options)){ $val=$val+2048; } + if (in_array("WORKSTATION_TRUST_ACCOUNT",$options)){ $val=$val+4096; } + if (in_array("SERVER_TRUST_ACCOUNT",$options)){ $val=$val+8192; } + if (in_array("DONT_EXPIRE_PASSWORD",$options)){ $val=$val+65536; } + if (in_array("MNS_LOGON_ACCOUNT",$options)){ $val=$val+131072; } + if (in_array("SMARTCARD_REQUIRED",$options)){ $val=$val+262144; } + if (in_array("TRUSTED_FOR_DELEGATION",$options)){ $val=$val+524288; } + if (in_array("NOT_DELEGATED",$options)){ $val=$val+1048576; } + if (in_array("USE_DES_KEY_ONLY",$options)){ $val=$val+2097152; } + if (in_array("DONT_REQ_PREAUTH",$options)){ $val=$val+4194304; } + if (in_array("PASSWORD_EXPIRED",$options)){ $val=$val+8388608; } + if (in_array("TRUSTED_TO_AUTH_FOR_DELEGATION",$options)){ $val=$val+16777216; } + } + return $val; + } + + /** + * Delete a user account + * + * @param string $username The username to delete (please be careful here!) + * @param bool $isGUID Is the username a GUID or a samAccountName + * @return array + */ + public function delete($username, $isGUID = false) + { + $userinfo = $this->info($username, array("*"), $isGUID); + $dn = $userinfo[0]['distinguishedname'][0]; + $result = $this->adldap->folder()->delete($dn); + if ($result != true) { + return false; + } + return true; + } + + /** + * Groups the user is a member of + * + * @param string $username The username to query + * @param bool $recursive Recursive list of groups + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return array + */ + public function groups($username, $recursive = NULL, $isGUID = false) + { + if ($username === NULL) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it + if (!$this->adldap->getLdapBind()) { return false; } + + // Search the directory for their information + $info = @$this->info($username, array("memberof", "primarygroupid"), $isGUID); + $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); // Presuming the entry returned is our guy (unique usernames) + + if ($recursive === true){ + foreach ($groups as $id => $groupName){ + $extraGroups = $this->adldap->group()->recursiveGroups($groupName); + $groups = array_merge($groups, $extraGroups); + } + } + + return $groups; + } + + /** + * Find information about the users. Returned in a raw array format from AD + * + * @param string $username The username to query + * @param array $fields Array of parameters to query + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return array + */ + public function info($username, $fields = NULL, $isGUID = false) + { + if ($username === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + if ($isGUID === true) { + $username = $this->adldap->utilities()->strGuidToHex($username); + $filter = "objectguid=" . $username; + } + else if (strstr($username, "@")) { + $filter = "userPrincipalName=" . $username; + } + else { + $filter = "samaccountname=" . $username; + } + $filter = "(&(objectCategory=person)({$filter}))"; + if ($fields === NULL) { + $fields = array("samaccountname","mail","memberof","department","displayname","telephonenumber","primarygroupid","objectsid"); + } + if (!in_array("objectsid", $fields)) { + $fields[] = "objectsid"; + } + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + if (isset($entries[0])) { + if ($entries[0]['count'] >= 1) { + if (in_array("memberof", $fields)) { + // AD does not return the primary group in the ldap query, we may need to fudge it + if ($this->adldap->getRealPrimaryGroup() && isset($entries[0]["primarygroupid"][0]) && isset($entries[0]["objectsid"][0])){ + //$entries[0]["memberof"][]=$this->group_cn($entries[0]["primarygroupid"][0]); + $entries[0]["memberof"][] = $this->adldap->group()->getPrimaryGroup($entries[0]["primarygroupid"][0], $entries[0]["objectsid"][0]); + } else { + $entries[0]["memberof"][] = "CN=Domain Users,CN=Users," . $this->adldap->getBaseDn(); + } + if (!isset($entries[0]["memberof"]["count"])) { + $entries[0]["memberof"]["count"] = 0; + } + $entries[0]["memberof"]["count"]++; + } + } + + return $entries; + } + return false; + } + + /** + * Find information about the users. Returned in a raw array format from AD + * + * @param string $username The username to query + * @param array $fields Array of parameters to query + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return mixed + */ + public function infoCollection($username, $fields = NULL, $isGUID = false) + { + if ($username === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $info = $this->info($username, $fields, $isGUID); + + if ($info !== false) { + $collection = new adLDAPUserCollection($info, $this->adldap); + return $collection; + } + return false; + } + + /** + * Determine if a user is in a specific group + * + * @param string $username The username to query + * @param string $group The name of the group to check against + * @param bool $recursive Check groups recursively + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function inGroup($username, $group, $recursive = NULL, $isGUID = false) + { + if ($username === NULL) { return false; } + if ($group === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it + + // Get a list of the groups + $groups = $this->groups($username, $recursive, $isGUID); + + // Return true if the specified group is in the group list + if (in_array($group, $groups)) { + return true; + } + + return false; + } + + /** + * Determine a user's password expiry date + * + * @param string $username The username to query + * @param book $isGUID Is the username passed a GUID or a samAccountName + * @requires bcmath http://www.php.net/manual/en/book.bc.php + * @return array + */ + public function passwordExpiry($username, $isGUID = false) + { + if ($username === NULL) { return "Missing compulsory field [username]"; } + if (!$this->adldap->getLdapBind()) { return false; } + if (!function_exists('bcmod')) { throw new adLDAPException("Missing function support [bcmod] http://www.php.net/manual/en/book.bc.php"); }; + + $userInfo = $this->info($username, array("pwdlastset", "useraccountcontrol"), $isGUID); + $pwdLastSet = $userInfo[0]['pwdlastset'][0]; + $status = array(); + + if ($userInfo[0]['useraccountcontrol'][0] == '66048') { + // Password does not expire + return "Does not expire"; + } + if ($pwdLastSet === '0') { + // Password has already expired + return "Password has expired"; + } + + // Password expiry in AD can be calculated from TWO values: + // - User's own pwdLastSet attribute: stores the last time the password was changed + // - Domain's maxPwdAge attribute: how long passwords last in the domain + // + // Although Microsoft chose to use a different base and unit for time measurements. + // This function will convert them to Unix timestamps + $sr = ldap_read($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), 'objectclass=*', array('maxPwdAge')); + if (!$sr) { + return false; + } + $info = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + $maxPwdAge = $info[0]['maxpwdage'][0]; + + + // See MSDN: http://msdn.microsoft.com/en-us/library/ms974598.aspx + // + // pwdLastSet contains the number of 100 nanosecond intervals since January 1, 1601 (UTC), + // stored in a 64 bit integer. + // + // The number of seconds between this date and Unix epoch is 11644473600. + // + // maxPwdAge is stored as a large integer that represents the number of 100 nanosecond + // intervals from the time the password was set before the password expires. + // + // We also need to scale this to seconds but also this value is a _negative_ quantity! + // + // If the low 32 bits of maxPwdAge are equal to 0 passwords do not expire + // + // Unfortunately the maths involved are too big for PHP integers, so I've had to require + // BCMath functions to work with arbitrary precision numbers. + if (bcmod($maxPwdAge, 4294967296) === '0') { + return "Domain does not expire passwords"; + } + + // Add maxpwdage and pwdlastset and we get password expiration time in Microsoft's + // time units. Because maxpwd age is negative we need to subtract it. + $pwdExpire = bcsub($pwdLastSet, $maxPwdAge); + + // Convert MS's time to Unix time + $status['expiryts'] = bcsub(bcdiv($pwdExpire, '10000000'), '11644473600'); + $status['expiryformat'] = date('Y-m-d H:i:s', bcsub(bcdiv($pwdExpire, '10000000'), '11644473600')); + + return $status; + } + + /** + * Modify a user + * + * @param string $username The username to query + * @param array $attributes The attributes to modify. Note if you set the enabled attribute you must not specify any other attributes + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function modify($username, $attributes, $isGUID = false) + { + if ($username === NULL) { return "Missing compulsory field [username]"; } + if (array_key_exists("password", $attributes) && !$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) { + throw new adLDAPException('SSL/TLS must be configured on your webserver and enabled in the class to set passwords.'); + } + + // Find the dn of the user + $userDn = $this->dn($username, $isGUID); + if ($userDn === false) { + return false; + } + + // Translate the update to the LDAP schema + $mod = $this->adldap->adldap_schema($attributes); + + // Check to see if this is an enabled status update + if (!$mod && !array_key_exists("enabled", $attributes)){ + return false; + } + + // Set the account control attribute (only if specified) + if (array_key_exists("enabled", $attributes)){ + if ($attributes["enabled"]){ + $controlOptions = array("NORMAL_ACCOUNT"); + } + else { + $controlOptions = array("NORMAL_ACCOUNT", "ACCOUNTDISABLE"); + } + $mod["userAccountControl"][0] = $this->accountControl($controlOptions); + } + + // Do the update + $result = @ldap_modify($this->adldap->getLdapConnection(), $userDn, $mod); + if ($result == false) { + return false; + } + + return true; + } + + /** + * Disable a user account + * + * @param string $username The username to disable + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function disable($username, $isGUID = false) + { + if ($username === NULL) { return "Missing compulsory field [username]"; } + $attributes = array("enabled" => 0); + $result = $this->modify($username, $attributes, $isGUID); + if ($result == false) { return false; } + + return true; + } + + /** + * Enable a user account + * + * @param string $username The username to enable + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function enable($username, $isGUID = false) + { + if ($username === NULL) { return "Missing compulsory field [username]"; } + $attributes = array("enabled" => 1); + $result = $this->modify($username, $attributes, $isGUID); + if ($result == false) { return false; } + + return true; + } + + /** + * Set the password of a user - This must be performed over SSL + * + * @param string $username The username to modify + * @param string $password The new password + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return bool + */ + public function password($username, $password, $isGUID = false) + { + if ($username === NULL) { return false; } + if ($password === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + if (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) { + throw new adLDAPException('SSL must be configured on your webserver and enabled in the class to set passwords.'); + } + + $userDn = $this->dn($username, $isGUID); + if ($userDn === false) { + return false; + } + + $add=array(); + $add["unicodePwd"][0] = $this->encodePassword($password); + + $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $add); + if ($result === false){ + $err = ldap_errno($this->adldap->getLdapConnection()); + if ($err) { + $msg = 'Error ' . $err . ': ' . ldap_err2str($err) . '.'; + if($err == 53) { + $msg .= ' Your password might not match the password policy.'; + } + throw new adLDAPException($msg); + } + else { + return false; + } + } + + return true; + } + + /** + * Encode a password for transmission over LDAP + * + * @param string $password The password to encode + * @return string + */ + public function encodePassword($password) + { + $password="\"".$password."\""; + $encoded=""; + for ($i=0; $i <strlen($password); $i++){ $encoded.="{$password{$i}}\000"; } + return $encoded; + } + + /** + * Obtain the user's distinguished name based on their userid + * + * + * @param string $username The username + * @param bool $isGUID Is the username passed a GUID or a samAccountName + * @return string + */ + public function dn($username, $isGUID=false) + { + $user = $this->info($username, array("cn"), $isGUID); + if ($user[0]["dn"] === NULL) { + return false; + } + $userDn = $user[0]["dn"]; + return $userDn; + } + + /** + * Return a list of all users in AD + * + * @param bool $includeDescription Return a description of the user + * @param string $search Search parameter + * @param bool $sorted Sort the user accounts + * @return array + */ + public function all($includeDescription = false, $search = "*", $sorted = true) + { + if (!$this->adldap->getLdapBind()) { return false; } + + // Perform the search and grab all their details + $filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)(cn=" . $search . "))"; + $fields = array("samaccountname","displayname"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + $usersArray = array(); + for ($i=0; $i<$entries["count"]; $i++){ + if ($includeDescription && strlen($entries[$i]["displayname"][0])>0){ + $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["displayname"][0]; + } elseif ($includeDescription){ + $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0]; + } else { + array_push($usersArray, $entries[$i]["samaccountname"][0]); + } + } + if ($sorted) { + asort($usersArray); + } + return $usersArray; + } + + /** + * Converts a username (samAccountName) to a GUID + * + * @param string $username The username to query + * @return string + */ + public function usernameToGuid($username) + { + if (!$this->adldap->getLdapBind()){ return false; } + if ($username === null){ return "Missing compulsory field [username]"; } + + $filter = "samaccountname=" . $username; + $fields = array("objectGUID"); + $sr = @ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + if (ldap_count_entries($this->adldap->getLdapConnection(), $sr) > 0) { + $entry = @ldap_first_entry($this->adldap->getLdapConnection(), $sr); + $guid = @ldap_get_values_len($this->adldap->getLdapConnection(), $entry, 'objectGUID'); + $strGUID = $this->adldap->utilities()->binaryToText($guid[0]); + return $strGUID; + } + return false; + } + + /** + * Return a list of all users in AD that have a specific value in a field + * + * @param bool $includeDescription Return a description of the user + * @param string $searchField Field to search search for + * @param string $searchFilter Value to search for in the specified field + * @param bool $sorted Sort the user accounts + * @return array + */ + public function find($includeDescription = false, $searchField = false, $searchFilter = false, $sorted = true){ + if (!$this->adldap->getLdapBind()){ return false; } + + // Perform the search and grab all their details + $searchParams = ""; + if ($searchField) { + $searchParams = "(" . $searchField . "=" . $searchFilter . ")"; + } + $filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)" . $searchParams . ")"; + $fields = array("samaccountname","displayname"); + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + $usersArray = array(); + for ($i=0; $i < $entries["count"]; $i++) { + if ($includeDescription && strlen($entries[$i]["displayname"][0]) > 0) { + $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["displayname"][0]; + } + else if ($includeDescription) { + $usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0]; + } + else { + array_push($usersArray, $entries[$i]["samaccountname"][0]); + } + } + if ($sorted){ + asort($usersArray); + } + return ($usersArray); + } + + /** + * Move a user account to a different OU + * + * @param string $username The username to move (please be careful here!) + * @param array $container The container or containers to move the user to (please be careful here!). + * accepts containers in 1. parent 2. child order + * @return array + */ + public function move($username, $container) + { + if (!$this->adldap->getLdapBind()) { return false; } + if ($username === null) { return "Missing compulsory field [username]"; } + if ($container === null) { return "Missing compulsory field [container]"; } + if (!is_array($container)) { return "Container must be an array"; } + + $userInfo = $this->info($username, array("*")); + $dn = $userInfo[0]['distinguishedname'][0]; + $newRDn = "cn=" . $username; + $container = array_reverse($container); + $newContainer = "ou=" . implode(",ou=",$container); + $newBaseDn = strtolower($newContainer) . "," . $this->adldap->getBaseDn(); + $result = @ldap_rename($this->adldap->getLdapConnection(), $dn, $newRDn, $newBaseDn, true); + if ($result !== true) { + return false; + } + return true; + } + + /** + * Get the last logon time of any user as a Unix timestamp + * + * @param string $username + * @return long $unixTimestamp + */ + public function getLastLogon($username) { + if (!$this->adldap->getLdapBind()) { return false; } + if ($username === null) { return "Missing compulsory field [username]"; } + $userInfo = $this->info($username, array("lastLogonTimestamp")); + $lastLogon = adLDAPUtils::convertWindowsTimeToUnixTime($userInfo[0]['lastLogonTimestamp'][0]); + return $lastLogon; + } + +} +?> diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPUtils.php b/lib/plugins/authad/adLDAP/classes/adLDAPUtils.php index f039a4290..5e8644188 100644 --- a/lib/plugins/authad/adLDAP/classes/adLDAPUtils.php +++ b/lib/plugins/authad/adLDAP/classes/adLDAPUtils.php @@ -1,264 +1,264 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage Utils
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
- */
-require_once(dirname(__FILE__) . '/../adLDAP.php');
-
-/**
-* UTILITY FUNCTIONS
-*/
-class adLDAPUtils {
- const ADLDAP_VERSION = '4.0.4';
-
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- public function __construct(adLDAP $adldap) {
- $this->adldap = $adldap;
- }
-
-
- /**
- * Take an LDAP query and return the nice names, without all the LDAP prefixes (eg. CN, DN)
- *
- * @param array $groups
- * @return array
- */
- public function niceNames($groups)
- {
-
- $groupArray = array();
- for ($i=0; $i<$groups["count"]; $i++){ // For each group
- $line = $groups[$i];
-
- if (strlen($line)>0) {
- // More presumptions, they're all prefixed with CN=
- // so we ditch the first three characters and the group
- // name goes up to the first comma
- $bits=explode(",", $line);
- $groupArray[] = substr($bits[0], 3, (strlen($bits[0])-3));
- }
- }
- return $groupArray;
- }
-
- /**
- * Escape characters for use in an ldap_create function
- *
- * @param string $str
- * @return string
- */
- public function escapeCharacters($str) {
- $str = str_replace(",", "\,", $str);
- return $str;
- }
-
- /**
- * Escape strings for the use in LDAP filters
- *
- * DEVELOPERS SHOULD BE DOING PROPER FILTERING IF THEY'RE ACCEPTING USER INPUT
- * Ported from Perl's Net::LDAP::Util escape_filter_value
- *
- * @param string $str The string the parse
- * @author Port by Andreas Gohr <andi@splitbrain.org>
- * @return string
- */
- public function ldapSlashes($str){
- return preg_replace('/([\x00-\x1F\*\(\)\\\\])/e',
- '"\\\\\".join("",unpack("H2","$1"))',
- $str);
- }
-
- /**
- * Converts a string GUID to a hexdecimal value so it can be queried
- *
- * @param string $strGUID A string representation of a GUID
- * @return string
- */
- public function strGuidToHex($strGUID)
- {
- $strGUID = str_replace('-', '', $strGUID);
-
- $octet_str = '\\' . substr($strGUID, 6, 2);
- $octet_str .= '\\' . substr($strGUID, 4, 2);
- $octet_str .= '\\' . substr($strGUID, 2, 2);
- $octet_str .= '\\' . substr($strGUID, 0, 2);
- $octet_str .= '\\' . substr($strGUID, 10, 2);
- $octet_str .= '\\' . substr($strGUID, 8, 2);
- $octet_str .= '\\' . substr($strGUID, 14, 2);
- $octet_str .= '\\' . substr($strGUID, 12, 2);
- //$octet_str .= '\\' . substr($strGUID, 16, strlen($strGUID));
- for ($i=16; $i<=(strlen($strGUID)-2); $i++) {
- if (($i % 2) == 0) {
- $octet_str .= '\\' . substr($strGUID, $i, 2);
- }
- }
-
- return $octet_str;
- }
-
- /**
- * Convert a binary SID to a text SID
- *
- * @param string $binsid A Binary SID
- * @return string
- */
- public function getTextSID($binsid) {
- $hex_sid = bin2hex($binsid);
- $rev = hexdec(substr($hex_sid, 0, 2));
- $subcount = hexdec(substr($hex_sid, 2, 2));
- $auth = hexdec(substr($hex_sid, 4, 12));
- $result = "$rev-$auth";
-
- for ($x=0;$x < $subcount; $x++) {
- $subauth[$x] =
- hexdec($this->littleEndian(substr($hex_sid, 16 + ($x * 8), 8)));
- $result .= "-" . $subauth[$x];
- }
-
- // Cheat by tacking on the S-
- return 'S-' . $result;
- }
-
- /**
- * Converts a little-endian hex number to one that hexdec() can convert
- *
- * @param string $hex A hex code
- * @return string
- */
- public function littleEndian($hex)
- {
- $result = '';
- for ($x = strlen($hex) - 2; $x >= 0; $x = $x - 2) {
- $result .= substr($hex, $x, 2);
- }
- return $result;
- }
-
- /**
- * Converts a binary attribute to a string
- *
- * @param string $bin A binary LDAP attribute
- * @return string
- */
- public function binaryToText($bin)
- {
- $hex_guid = bin2hex($bin);
- $hex_guid_to_guid_str = '';
- for($k = 1; $k <= 4; ++$k) {
- $hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
- }
- $hex_guid_to_guid_str .= '-';
- for($k = 1; $k <= 2; ++$k) {
- $hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
- }
- $hex_guid_to_guid_str .= '-';
- for($k = 1; $k <= 2; ++$k) {
- $hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
- }
- $hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
- $hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
- return strtoupper($hex_guid_to_guid_str);
- }
-
- /**
- * Converts a binary GUID to a string GUID
- *
- * @param string $binaryGuid The binary GUID attribute to convert
- * @return string
- */
- public function decodeGuid($binaryGuid)
- {
- if ($binaryGuid === null){ return "Missing compulsory field [binaryGuid]"; }
-
- $strGUID = $this->binaryToText($binaryGuid);
- return $strGUID;
- }
-
- /**
- * Convert a boolean value to a string
- * You should never need to call this yourself
- *
- * @param bool $bool Boolean value
- * @return string
- */
- public function boolToStr($bool)
- {
- return ($bool) ? 'TRUE' : 'FALSE';
- }
-
- /**
- * Convert 8bit characters e.g. accented characters to UTF8 encoded characters
- */
- public function encode8Bit(&$item, $key) {
- $encode = false;
- if (is_string($item)) {
- for ($i=0; $i<strlen($item); $i++) {
- if (ord($item[$i]) >> 7) {
- $encode = true;
- }
- }
- }
- if ($encode === true && $key != 'password') {
- $item = utf8_encode($item);
- }
- }
-
- /**
- * Get the current class version number
- *
- * @return string
- */
- public function getVersion() {
- return self::ADLDAP_VERSION;
- }
-
- /**
- * Round a Windows timestamp down to seconds and remove the seconds between 1601-01-01 and 1970-01-01
- *
- * @param long $windowsTime
- * @return long $unixTime
- */
- public static function convertWindowsTimeToUnixTime($windowsTime) {
- $unixTime = round($windowsTime / 10000000) - 11644477200;
- return $unixTime;
- }
-}
-
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage Utils + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ + */ +require_once(dirname(__FILE__) . '/../adLDAP.php'); + +/** +* UTILITY FUNCTIONS +*/ +class adLDAPUtils { + const ADLDAP_VERSION = '4.0.4'; + + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + public function __construct(adLDAP $adldap) { + $this->adldap = $adldap; + } + + + /** + * Take an LDAP query and return the nice names, without all the LDAP prefixes (eg. CN, DN) + * + * @param array $groups + * @return array + */ + public function niceNames($groups) + { + + $groupArray = array(); + for ($i=0; $i<$groups["count"]; $i++){ // For each group + $line = $groups[$i]; + + if (strlen($line)>0) { + // More presumptions, they're all prefixed with CN= + // so we ditch the first three characters and the group + // name goes up to the first comma + $bits=explode(",", $line); + $groupArray[] = substr($bits[0], 3, (strlen($bits[0])-3)); + } + } + return $groupArray; + } + + /** + * Escape characters for use in an ldap_create function + * + * @param string $str + * @return string + */ + public function escapeCharacters($str) { + $str = str_replace(",", "\,", $str); + return $str; + } + + /** + * Escape strings for the use in LDAP filters + * + * DEVELOPERS SHOULD BE DOING PROPER FILTERING IF THEY'RE ACCEPTING USER INPUT + * Ported from Perl's Net::LDAP::Util escape_filter_value + * + * @param string $str The string the parse + * @author Port by Andreas Gohr <andi@splitbrain.org> + * @return string + */ + public function ldapSlashes($str){ + return preg_replace('/([\x00-\x1F\*\(\)\\\\])/e', + '"\\\\\".join("",unpack("H2","$1"))', + $str); + } + + /** + * Converts a string GUID to a hexdecimal value so it can be queried + * + * @param string $strGUID A string representation of a GUID + * @return string + */ + public function strGuidToHex($strGUID) + { + $strGUID = str_replace('-', '', $strGUID); + + $octet_str = '\\' . substr($strGUID, 6, 2); + $octet_str .= '\\' . substr($strGUID, 4, 2); + $octet_str .= '\\' . substr($strGUID, 2, 2); + $octet_str .= '\\' . substr($strGUID, 0, 2); + $octet_str .= '\\' . substr($strGUID, 10, 2); + $octet_str .= '\\' . substr($strGUID, 8, 2); + $octet_str .= '\\' . substr($strGUID, 14, 2); + $octet_str .= '\\' . substr($strGUID, 12, 2); + //$octet_str .= '\\' . substr($strGUID, 16, strlen($strGUID)); + for ($i=16; $i<=(strlen($strGUID)-2); $i++) { + if (($i % 2) == 0) { + $octet_str .= '\\' . substr($strGUID, $i, 2); + } + } + + return $octet_str; + } + + /** + * Convert a binary SID to a text SID + * + * @param string $binsid A Binary SID + * @return string + */ + public function getTextSID($binsid) { + $hex_sid = bin2hex($binsid); + $rev = hexdec(substr($hex_sid, 0, 2)); + $subcount = hexdec(substr($hex_sid, 2, 2)); + $auth = hexdec(substr($hex_sid, 4, 12)); + $result = "$rev-$auth"; + + for ($x=0;$x < $subcount; $x++) { + $subauth[$x] = + hexdec($this->littleEndian(substr($hex_sid, 16 + ($x * 8), 8))); + $result .= "-" . $subauth[$x]; + } + + // Cheat by tacking on the S- + return 'S-' . $result; + } + + /** + * Converts a little-endian hex number to one that hexdec() can convert + * + * @param string $hex A hex code + * @return string + */ + public function littleEndian($hex) + { + $result = ''; + for ($x = strlen($hex) - 2; $x >= 0; $x = $x - 2) { + $result .= substr($hex, $x, 2); + } + return $result; + } + + /** + * Converts a binary attribute to a string + * + * @param string $bin A binary LDAP attribute + * @return string + */ + public function binaryToText($bin) + { + $hex_guid = bin2hex($bin); + $hex_guid_to_guid_str = ''; + for($k = 1; $k <= 4; ++$k) { + $hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2); + } + $hex_guid_to_guid_str .= '-'; + for($k = 1; $k <= 2; ++$k) { + $hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2); + } + $hex_guid_to_guid_str .= '-'; + for($k = 1; $k <= 2; ++$k) { + $hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2); + } + $hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4); + $hex_guid_to_guid_str .= '-' . substr($hex_guid, 20); + return strtoupper($hex_guid_to_guid_str); + } + + /** + * Converts a binary GUID to a string GUID + * + * @param string $binaryGuid The binary GUID attribute to convert + * @return string + */ + public function decodeGuid($binaryGuid) + { + if ($binaryGuid === null){ return "Missing compulsory field [binaryGuid]"; } + + $strGUID = $this->binaryToText($binaryGuid); + return $strGUID; + } + + /** + * Convert a boolean value to a string + * You should never need to call this yourself + * + * @param bool $bool Boolean value + * @return string + */ + public function boolToStr($bool) + { + return ($bool) ? 'TRUE' : 'FALSE'; + } + + /** + * Convert 8bit characters e.g. accented characters to UTF8 encoded characters + */ + public function encode8Bit(&$item, $key) { + $encode = false; + if (is_string($item)) { + for ($i=0; $i<strlen($item); $i++) { + if (ord($item[$i]) >> 7) { + $encode = true; + } + } + } + if ($encode === true && $key != 'password') { + $item = utf8_encode($item); + } + } + + /** + * Get the current class version number + * + * @return string + */ + public function getVersion() { + return self::ADLDAP_VERSION; + } + + /** + * Round a Windows timestamp down to seconds and remove the seconds between 1601-01-01 and 1970-01-01 + * + * @param long $windowsTime + * @return long $unixTime + */ + public static function convertWindowsTimeToUnixTime($windowsTime) { + $unixTime = round($windowsTime / 10000000) - 11644477200; + return $unixTime; + } +} + ?>
\ No newline at end of file diff --git a/lib/plugins/authad/adLDAP/collections/adLDAPCollection.php b/lib/plugins/authad/adLDAP/collections/adLDAPCollection.php index c0a2eb2fa..433d39f18 100644 --- a/lib/plugins/authad/adLDAP/collections/adLDAPCollection.php +++ b/lib/plugins/authad/adLDAP/collections/adLDAPCollection.php @@ -1,137 +1,137 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage Collection
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
-*/
-
-abstract class adLDAPCollection
-{
- /**
- * The current adLDAP connection via dependency injection
- *
- * @var adLDAP
- */
- protected $adldap;
-
- /**
- * The current object being modifed / called
- *
- * @var mixed
- */
- protected $currentObject;
-
- /**
- * The raw info array from Active Directory
- *
- * @var array
- */
- protected $info;
-
- public function __construct($info, adLDAP $adldap)
- {
- $this->setInfo($info);
- $this->adldap = $adldap;
- }
-
- /**
- * Set the raw info array from Active Directory
- *
- * @param array $info
- */
- public function setInfo(array $info)
- {
- if ($this->info && sizeof($info) >= 1) {
- unset($this->info);
- }
- $this->info = $info;
- }
-
- /**
- * Magic get method to retrieve data from the raw array in a formatted way
- *
- * @param string $attribute
- * @return mixed
- */
- public function __get($attribute)
- {
- if (isset($this->info[0]) && is_array($this->info[0])) {
- foreach ($this->info[0] as $keyAttr => $valueAttr) {
- if (strtolower($keyAttr) == strtolower($attribute)) {
- if ($this->info[0][strtolower($attribute)]['count'] == 1) {
- return $this->info[0][strtolower($attribute)][0];
- }
- else {
- $array = array();
- foreach ($this->info[0][strtolower($attribute)] as $key => $value) {
- if ((string)$key != 'count') {
- $array[$key] = $value;
- }
- }
- return $array;
- }
- }
- }
- }
- else {
- return NULL;
- }
- }
-
- /**
- * Magic set method to update an attribute
- *
- * @param string $attribute
- * @param string $value
- * @return bool
- */
- abstract public function __set($attribute, $value);
-
- /**
- * Magic isset method to check for the existence of an attribute
- *
- * @param string $attribute
- * @return bool
- */
- public function __isset($attribute) {
- if (isset($this->info[0]) && is_array($this->info[0])) {
- foreach ($this->info[0] as $keyAttr => $valueAttr) {
- if (strtolower($keyAttr) == strtolower($attribute)) {
- return true;
- }
- }
- }
- return false;
- }
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage Collection + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ +*/ + +abstract class adLDAPCollection +{ + /** + * The current adLDAP connection via dependency injection + * + * @var adLDAP + */ + protected $adldap; + + /** + * The current object being modifed / called + * + * @var mixed + */ + protected $currentObject; + + /** + * The raw info array from Active Directory + * + * @var array + */ + protected $info; + + public function __construct($info, adLDAP $adldap) + { + $this->setInfo($info); + $this->adldap = $adldap; + } + + /** + * Set the raw info array from Active Directory + * + * @param array $info + */ + public function setInfo(array $info) + { + if ($this->info && sizeof($info) >= 1) { + unset($this->info); + } + $this->info = $info; + } + + /** + * Magic get method to retrieve data from the raw array in a formatted way + * + * @param string $attribute + * @return mixed + */ + public function __get($attribute) + { + if (isset($this->info[0]) && is_array($this->info[0])) { + foreach ($this->info[0] as $keyAttr => $valueAttr) { + if (strtolower($keyAttr) == strtolower($attribute)) { + if ($this->info[0][strtolower($attribute)]['count'] == 1) { + return $this->info[0][strtolower($attribute)][0]; + } + else { + $array = array(); + foreach ($this->info[0][strtolower($attribute)] as $key => $value) { + if ((string)$key != 'count') { + $array[$key] = $value; + } + } + return $array; + } + } + } + } + else { + return NULL; + } + } + + /** + * Magic set method to update an attribute + * + * @param string $attribute + * @param string $value + * @return bool + */ + abstract public function __set($attribute, $value); + + /** + * Magic isset method to check for the existence of an attribute + * + * @param string $attribute + * @return bool + */ + public function __isset($attribute) { + if (isset($this->info[0]) && is_array($this->info[0])) { + foreach ($this->info[0] as $keyAttr => $valueAttr) { + if (strtolower($keyAttr) == strtolower($attribute)) { + return true; + } + } + } + return false; + } +} +?> diff --git a/lib/plugins/authad/adLDAP/collections/adLDAPComputerCollection.php b/lib/plugins/authad/adLDAP/collections/adLDAPComputerCollection.php index 4f11d8f41..09f82cadc 100644 --- a/lib/plugins/authad/adLDAP/collections/adLDAPComputerCollection.php +++ b/lib/plugins/authad/adLDAP/collections/adLDAPComputerCollection.php @@ -1,46 +1,46 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage ComputerCollection
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
-*/
-
-class adLDAPComputerCollection extends adLDAPCollection
-{
-
- public function __set($attribute, $value)
- {
-
- }
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage ComputerCollection + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ +*/ + +class adLDAPComputerCollection extends adLDAPCollection +{ + + public function __set($attribute, $value) + { + + } +} +?> diff --git a/lib/plugins/authad/adLDAP/collections/adLDAPContactCollection.php b/lib/plugins/authad/adLDAP/collections/adLDAPContactCollection.php index d42fe6d4c..a9efad5a9 100644 --- a/lib/plugins/authad/adLDAP/collections/adLDAPContactCollection.php +++ b/lib/plugins/authad/adLDAP/collections/adLDAPContactCollection.php @@ -1,46 +1,46 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage ContactCollection
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
-*/
-
-class adLDAPContactCollection extends adLDAPCollection
-{
-
- public function __set($attribute, $value)
- {
-
- }
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage ContactCollection + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ +*/ + +class adLDAPContactCollection extends adLDAPCollection +{ + + public function __set($attribute, $value) + { + + } +} +?> diff --git a/lib/plugins/authad/adLDAP/collections/adLDAPGroupCollection.php b/lib/plugins/authad/adLDAP/collections/adLDAPGroupCollection.php index cff12fc20..ef4af8df2 100644 --- a/lib/plugins/authad/adLDAP/collections/adLDAPGroupCollection.php +++ b/lib/plugins/authad/adLDAP/collections/adLDAPGroupCollection.php @@ -1,46 +1,46 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage GroupCollection
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
-*/
-
-class adLDAPGroupCollection extends adLDAPCollection
-{
-
- public function __set($attribute, $value)
- {
-
- }
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage GroupCollection + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ +*/ + +class adLDAPGroupCollection extends adLDAPCollection +{ + + public function __set($attribute, $value) + { + + } +} +?> diff --git a/lib/plugins/authad/adLDAP/collections/adLDAPUserCollection.php b/lib/plugins/authad/adLDAP/collections/adLDAPUserCollection.php index 801d90296..63fce5f96 100644 --- a/lib/plugins/authad/adLDAP/collections/adLDAPUserCollection.php +++ b/lib/plugins/authad/adLDAP/collections/adLDAPUserCollection.php @@ -1,46 +1,46 @@ -<?php
-/**
- * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
- * Version 4.0.4
- *
- * PHP Version 5 with SSL and LDAP support
- *
- * Written by Scott Barnett, Richard Hyland
- * email: scott@wiggumworld.com, adldap@richardhyland.com
- * http://adldap.sourceforge.net/
- *
- * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- *
- * We'd appreciate any improvements or additions to be submitted back
- * to benefit the entire community :)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * @category ToolsAndUtilities
- * @package adLDAP
- * @subpackage UserCollection
- * @author Scott Barnett, Richard Hyland
- * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
- * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
- * @revision $Revision: 97 $
- * @version 4.0.4
- * @link http://adldap.sourceforge.net/
-*/
-
-class adLDAPUserCollection extends adLDAPCollection
-{
-
- public function __set($attribute, $value)
- {
-
- }
-}
-?>
+<?php +/** + * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY + * Version 4.0.4 + * + * PHP Version 5 with SSL and LDAP support + * + * Written by Scott Barnett, Richard Hyland + * email: scott@wiggumworld.com, adldap@richardhyland.com + * http://adldap.sourceforge.net/ + * + * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * + * We'd appreciate any improvements or additions to be submitted back + * to benefit the entire community :) + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * @category ToolsAndUtilities + * @package adLDAP + * @subpackage UserCollection + * @author Scott Barnett, Richard Hyland + * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland + * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 + * @revision $Revision: 97 $ + * @version 4.0.4 + * @link http://adldap.sourceforge.net/ +*/ + +class adLDAPUserCollection extends adLDAPCollection +{ + + public function __set($attribute, $value) + { + + } +} +?> diff --git a/lib/plugins/authad/lang/ar/settings.php b/lib/plugins/authad/lang/ar/settings.php new file mode 100644 index 000000000..d2a2e2a35 --- /dev/null +++ b/lib/plugins/authad/lang/ar/settings.php @@ -0,0 +1,12 @@ +<?php + +/** + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author alhajr <alhajr300@gmail.com> + */ +$lang['account_suffix'] = 'لاحقة الحساب الخاص بك. على سبيل المثال. <code>@my.domain.org</code>'; +$lang['domain_controllers'] = 'قائمة مفصولة بفواصل من وحدات التحكم بالمجال. على سبيل المثال. <code>srv1.domain.org,srv2.domain.org</code>'; +$lang['admin_password'] = 'كلمة المرور للمستخدم أعلاه.'; +$lang['real_primarygroup'] = 'ينبغي أن تحل المجموعة الأساسية الحقيقية بدلاً من افتراض "Domain Users" (أبطأ).'; +$lang['expirywarn'] = 'عدد الأيام المقدمة لتحذير المستخدم حول كلمة مرور منتهية الصلاحية. (0) للتعطيل.'; diff --git a/lib/plugins/authad/lang/bg/settings.php b/lib/plugins/authad/lang/bg/settings.php index 877810c4e..bf7a2d8ce 100644 --- a/lib/plugins/authad/lang/bg/settings.php +++ b/lib/plugins/authad/lang/bg/settings.php @@ -1,18 +1,19 @@ <?php + /** - * Bulgarian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Kiril <neohidra@gmail.com> */ -$lang['account_suffix'] = 'Наставка на акаунта Ви. Например <code>@някакъв.домейн.org</code>'; -$lang['base_dn'] = 'Вашият основен DN. Например <code>DC=моят,DC=домейн,DC=org</code>'; -$lang['domain_controllers'] = 'Domain controller списък, разделете сървърите със запетая. Например <code>сървър1.домейн.org,сървър2.домейн.org</code>'; -$lang['admin_username'] = 'Привилегирован Active Directory потребител с достъп до данните на останалите потребители. Не е задължително, но е необходимо за някои функционалности като изпращането на имейл за абонаменти.'; -$lang['admin_password'] = 'Паролата на горния потребител.'; -$lang['sso'] = 'Да се ползва ли еднократно вписване чрез Kerberos или NTLM?'; -$lang['real_primarygroup'] = 'Да се извлича ли истинската група вместо да се предполага "Domain Users" (по-бавно)'; -$lang['use_ssl'] = 'Ползване на SSL свързаност? Не отбелязвайте TLS (по-долу) ако включите опцията.'; -$lang['use_tls'] = 'Ползване на TLS свързаност? Не отбелязвайте SSL (по-горе) ако включите опцията.'; -$lang['debug'] = 'Показване на допълнителна debug информация при грешка?'; -$lang['expirywarn'] = 'Предупреждаване на потребителите Х дни преди изтичане валидността на паролата им. Въведете 0 за изключване.'; -$lang['additional'] = 'Списък с допълнителни AD атрибути за извличане от потребителските данни (разделяйте ги със запетая). Ползва се от няколко приставки.';
\ No newline at end of file +$lang['account_suffix'] = 'Наставка на акаунта Ви. Например <code>@някакъв.домейн.org</code>'; +$lang['base_dn'] = 'Вашият основен DN. Например <code>DC=моят,DC=домейн,DC=org</code>'; +$lang['domain_controllers'] = 'Domain controller списък, разделете сървърите със запетая. Например <code>сървър1.домейн.org,сървър2.домейн.org</code>'; +$lang['admin_username'] = 'Привилегирован Active Directory потребител с достъп до данните на останалите потребители. Не е задължително, но е необходимо за някои функционалности като изпращането на имейл за абонаменти.'; +$lang['admin_password'] = 'Паролата на горния потребител.'; +$lang['sso'] = 'Да се ползва ли еднократно вписване чрез Kerberos или NTLM?'; +$lang['real_primarygroup'] = 'Да се извлича ли истинската група вместо да се предполага "Domain Users" (по-бавно)'; +$lang['use_ssl'] = 'Ползване на SSL свързаност? Не отбелязвайте TLS (по-долу) ако включите опцията.'; +$lang['use_tls'] = 'Ползване на TLS свързаност? Не отбелязвайте SSL (по-горе) ако включите опцията.'; +$lang['debug'] = 'Показване на допълнителна debug информация при грешка?'; +$lang['expirywarn'] = 'Предупреждаване на потребителите Х дни преди изтичане валидността на паролата им. Въведете 0 за изключване.'; +$lang['additional'] = 'Списък с допълнителни AD атрибути за извличане от потребителските данни (разделяйте ги със запетая). Ползва се от няколко приставки.'; diff --git a/lib/plugins/authad/lang/de/settings.php b/lib/plugins/authad/lang/de/settings.php index fd624ad02..8105fb6f2 100644 --- a/lib/plugins/authad/lang/de/settings.php +++ b/lib/plugins/authad/lang/de/settings.php @@ -5,6 +5,8 @@ * * @author Frank Loizzi <contact@software.bacal.de> * @author Matthias Schulte <dokuwiki@lupo49.de> + * @author Ben Fey <benedikt.fey@beck-heun.de> + * @author Jonas Gröger <jonas.groeger@gmail.com> */ $lang['account_suffix'] = 'Ihr Account-Suffix. Z. B. <code>@my.domain.org</code>'; $lang['base_dn'] = 'Ihr Base-DN. Z. B. <code>DC=my,DC=domain,DC=org</code>'; @@ -12,6 +14,7 @@ $lang['domain_controllers'] = 'Eine Komma-separierte Liste von Domänen-Contr $lang['admin_username'] = 'Ein priviligierter Active Directory-Benutzer mit Zugriff zu allen anderen Benutzerdaten. Optional, aber wird benötigt für Aktionen wie z. B. dass Senden von Benachrichtigungs-Mails.'; $lang['admin_password'] = 'Das Passwort des obigen Benutzers.'; $lang['sso'] = 'Soll Single-Sign-On via Kerberos oder NTLM benutzt werden?'; +$lang['sso_charset'] = 'Der Zeichensatz, mit dem der Server den Kerberos- oder NTLM-Benutzernamen versendet. Leer lassen für UTF-8 oder latin-1. Benötigt die iconv-Erweiterung.'; $lang['real_primarygroup'] = 'Soll die echte primäre Gruppe aufgelöst werden anstelle der Annahme "Domain Users" (langsamer)'; $lang['use_ssl'] = 'SSL-Verbindung benutzen? Falls ja, TLS unterhalb nicht aktivieren.'; $lang['use_tls'] = 'TLS-Verbindung benutzen? Falls ja, SSL oberhalb nicht aktivieren.'; diff --git a/lib/plugins/authad/lang/el/settings.php b/lib/plugins/authad/lang/el/settings.php new file mode 100644 index 000000000..9bf23ea1c --- /dev/null +++ b/lib/plugins/authad/lang/el/settings.php @@ -0,0 +1,8 @@ +<?php + +/** + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author chris taklis <ctaklis@gmail.com> + */ +$lang['admin_password'] = 'Ο κωδικός του παραπάνω χρήστη.'; diff --git a/lib/plugins/authad/lang/es/settings.php b/lib/plugins/authad/lang/es/settings.php index 9d0aa80ac..98b78056b 100644 --- a/lib/plugins/authad/lang/es/settings.php +++ b/lib/plugins/authad/lang/es/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author monica <may.dorado@gmail.com> + * @author Antonio Bueno <atnbueno@gmail.com> */ $lang['account_suffix'] = 'Su cuenta, sufijo. Ejem. <code> @ my.domain.org </ code>'; $lang['base_dn'] = 'Su base DN. Ejem. <code>DC=my,DC=dominio,DC=org</code>'; @@ -11,3 +12,4 @@ $lang['domain_controllers'] = 'Una lista separada por coma de los controlador $lang['admin_username'] = 'Un usuario con privilegios de Active Directory con acceso a los datos de cualquier otro usuario. Opcional, pero es necesario para determinadas acciones como el envío de suscripciones de correos electrónicos.'; $lang['admin_password'] = 'La contraseña del usuario anterior.'; $lang['sso'] = 'En caso de inicio de sesión usará ¿Kerberos o NTLM?'; +$lang['sso_charset'] = 'La codificación con que tu servidor web pasará el nombre de usuario Kerberos o NTLM. Si es UTF-8 o latin-1 dejar en blanco. Requiere la extensión iconv.'; diff --git a/lib/plugins/authad/lang/fi/settings.php b/lib/plugins/authad/lang/fi/settings.php index d3aa13e07..e2f432f36 100644 --- a/lib/plugins/authad/lang/fi/settings.php +++ b/lib/plugins/authad/lang/fi/settings.php @@ -1,6 +1,9 @@ <?php + /** - * Finnish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Otto Vainio <otto@valjakko.net> */ +$lang['debug'] = 'Näytä lisää debug-koodia virheistä?'; +$lang['expirywarn'] = 'Montako päivää etukäteen varoitetaan salasanan vanhenemissta. 0 poistaa.'; diff --git a/lib/plugins/authad/lang/hu/settings.php b/lib/plugins/authad/lang/hu/settings.php index 1510e1756..05acbdc2d 100644 --- a/lib/plugins/authad/lang/hu/settings.php +++ b/lib/plugins/authad/lang/hu/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Marton Sebok <sebokmarton@gmail.com> + * @author Marina Vladi <deldadam@gmail.com> */ $lang['account_suffix'] = 'Felhasználói azonosító végződése, pl. <code>@my.domain.org</code>.'; $lang['base_dn'] = 'Bázis DN, pl. <code>DC=my,DC=domain,DC=org</code>.'; @@ -11,6 +12,7 @@ $lang['domain_controllers'] = 'Tartománykezelők listája vesszővel elvála $lang['admin_username'] = 'Privilegizált AD felhasználó, aki az összes feéhasználó adatait elérheti. Elhagyható, de bizonyos funkciókhoz, például a feliratkozási e-mailek kiküldéséhez szükséges.'; $lang['admin_password'] = 'Ehhez tartozó jelszó.'; $lang['sso'] = 'Single-Sign-On Kerberos-szal vagy NTML használata?'; +$lang['sso_charset'] = 'A webkiszolgáló karakterkészlete megfelel a Kerberos- és NTLM-felhasználóneveknek. Üres UTF-8 és Latin-1-hez. Szükséges az iconv bővítmény.'; $lang['real_primarygroup'] = 'A valódi elsődleges csoport feloldása a "Tartományfelhasználók" csoport használata helyett? (lassabb)'; $lang['use_ssl'] = 'SSL használata? Ha használjuk, tiltsuk le a TLS-t!'; $lang['use_tls'] = 'TLS használata? Ha használjuk, tiltsuk le az SSL-t!'; diff --git a/lib/plugins/authad/lang/ko/settings.php b/lib/plugins/authad/lang/ko/settings.php index 2914bf47b..b104371fe 100644 --- a/lib/plugins/authad/lang/ko/settings.php +++ b/lib/plugins/authad/lang/ko/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Myeongjin <aranet100@gmail.com> + * @author Garam <rowain8@gmail.com> */ $lang['account_suffix'] = '계정 접미어. 예를 들어 <code>@my.domain.org</code>'; $lang['base_dn'] = '기본 DN. 예를 들어 <code>DC=my,DC=domain,DC=org</code>'; @@ -11,7 +12,8 @@ $lang['domain_controllers'] = '도메인 컨트롤러의 쉼표로 구분한 $lang['admin_username'] = '다른 모든 사용자의 데이터에 접근할 수 있는 권한이 있는 Active Directory 사용자. 선택적이지만 구독 메일을 보내는 등의 특정 작업에 필요합니다.'; $lang['admin_password'] = '위 사용자의 비밀번호.'; $lang['sso'] = 'Kerberos나 NTLM을 통해 Single-Sign-On을 사용해야 합니까?'; -$lang['real_primarygroup'] = '실제 기본 그룹은 "도메인 사용자"를 가정하는 대신 해결될 것입니다 (느림)'; +$lang['sso_charset'] = '당신의 웹서버의 문자집합은 Kerberos나 NTLM 사용자 이름으로 전달됩니다. UTF-8이나 라린-1이 비어 있습니다. icov 확장 기능이 필요합니다.'; +$lang['real_primarygroup'] = '실제 기본 그룹은 "도메인 사용자"를 가정하는 대신 해결될 것입니다. (느림)'; $lang['use_ssl'] = 'SSL 연결을 사용합니까? 사용한다면 아래 TLS을 활성화하지 마세요.'; $lang['use_tls'] = 'TLS 연결을 사용합니까? 사용한다면 위 SSL을 활성화하지 마세요.'; $lang['debug'] = '오류에 대한 추가적인 디버그 정보를 보이겠습니까?'; diff --git a/lib/plugins/authad/lang/nl/settings.php b/lib/plugins/authad/lang/nl/settings.php index 69d67be9a..591d72941 100644 --- a/lib/plugins/authad/lang/nl/settings.php +++ b/lib/plugins/authad/lang/nl/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Remon <no@email.local> + * @author Gerrit Uitslag <klapinklapin@gmail.com> */ $lang['account_suffix'] = 'Je account domeinnaam. Bijv <code>@mijn.domein.org</code>'; $lang['base_dn'] = 'Je basis DN. Bijv. <code>DC=mijn,DC=domein,DC=org</code>'; @@ -11,6 +12,7 @@ $lang['domain_controllers'] = 'Eeen kommagescheiden lijst van domeinservers. $lang['admin_username'] = 'Een geprivilegeerde Active Directory gebruiker die bij alle gebruikersgegevens kan komen. Dit is optioneel maar kan nodig zijn voor bepaalde acties, zoals het versturen van abonnementsmailtjes.'; $lang['admin_password'] = 'Het wachtwoord van bovenstaande gebruiker.'; $lang['sso'] = 'Wordt voor Single-Sign-on Kerberos of NTLM gebruikt?'; +$lang['sso_charset'] = 'Het tekenset waarin je webserver de Kerberos of NTLM gebruikersnaam doorsturen. Leeglaten voor UTF-8 of latin-1. Vereist de iconv extensie.'; $lang['real_primarygroup'] = 'Moet de echte primaire groep worden opgezocht in plaats van het aannemen van "Domeingebruikers" (langzamer)'; $lang['use_ssl'] = 'SSL verbinding gebruiken? Zo ja, activeer dan niet de TLS optie hieronder.'; $lang['use_tls'] = 'TLS verbinding gebruiken? Zo ja, activeer dan niet de SSL verbinding hierboven.'; diff --git a/lib/plugins/authad/lang/pl/settings.php b/lib/plugins/authad/lang/pl/settings.php index 9113c0e51..ad051b0ac 100644 --- a/lib/plugins/authad/lang/pl/settings.php +++ b/lib/plugins/authad/lang/pl/settings.php @@ -1,9 +1,12 @@ <?php + /** - * Polish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author Tomasz Bosak <bosak.tomasz@gmail.com> */ $lang['account_suffix'] = 'Przyrostek twojej nazwy konta np. <code>@my.domain.org</code>'; +$lang['base_dn'] = 'Twoje bazowe DN. Na przykład: <code>DC=my,DC=domain,DC=org</code>'; $lang['admin_password'] = 'Hasło dla powyższego użytkownika.'; $lang['use_ssl'] = 'Użyć połączenie SSL? Jeśli tak to nie aktywuj TLS poniżej.'; $lang['use_tls'] = 'Użyć połączenie TLS? Jeśli tak to nie aktywuj SSL powyżej.'; diff --git a/lib/plugins/authad/lang/pt-br/settings.php b/lib/plugins/authad/lang/pt-br/settings.php index 76fb419a6..cdc748055 100644 --- a/lib/plugins/authad/lang/pt-br/settings.php +++ b/lib/plugins/authad/lang/pt-br/settings.php @@ -5,6 +5,7 @@ * * @author Victor Westmann <victor.westmann@gmail.com> * @author Frederico Guimarães <frederico@teia.bio.br> + * @author Juliano Marconi Lanigra <juliano.marconi@gmail.com> */ $lang['account_suffix'] = 'Sufixo de sua conta. Eg. <code>@meu.domínio.org</code>'; $lang['base_dn'] = 'Sua base DN. Eg. <code>DC=meu,DC=domínio,DC=org</code>'; @@ -12,6 +13,7 @@ $lang['domain_controllers'] = 'Uma lista de controles de domínios separada p $lang['admin_username'] = 'Um usuário do Active Directory com privilégios para acessar os dados de todos os outros usuários. Opcional, mas necessário para realizar certas ações, tais como enviar mensagens de assinatura.'; $lang['admin_password'] = 'A senha do usuário acima.'; $lang['sso'] = 'Usar Single-Sign-On através do Kerberos ou NTLM?'; +$lang['sso_charset'] = 'A codificação de caracteres que seu servidor web passará o nome de usuário Kerberos ou NTLM. Vazio para UTF-8 ou latin-1. Requere a extensão iconv.'; $lang['real_primarygroup'] = 'O grupo primário real deve ser resolvido ao invés de assumirmos como "Usuários do Domínio" (mais lento)'; $lang['use_ssl'] = 'Usar conexão SSL? Se usar, não habilitar TLS abaixo.'; $lang['use_tls'] = 'Usar conexão TLS? se usar, não habilitar SSL acima.'; diff --git a/lib/plugins/authad/lang/ru/settings.php b/lib/plugins/authad/lang/ru/settings.php index f849c201a..e662300d7 100644 --- a/lib/plugins/authad/lang/ru/settings.php +++ b/lib/plugins/authad/lang/ru/settings.php @@ -5,5 +5,12 @@ * * @author Ivan I. Udovichenko (sendtome@mymailbox.pp.ua) * @author Aleksandr Selivanov <alexgearbox@gmail.com> + * @author Artur <ncuxxx@gmail.com> + * @author Erli Moen <evseev.jr@gmail.com> */ +$lang['domain_controllers'] = 'Список DNS-серверов, разделенных запятой. Например:<code>srv1.domain.org,srv2.domain.org</code>'; $lang['admin_password'] = 'Пароль для указанного пользователя.'; +$lang['sso'] = 'Использовать SSO (Single-Sign-On) через Kerberos или NTLM?'; +$lang['use_ssl'] = 'Использовать SSL? Если да, то не включайте TLS.'; +$lang['use_tls'] = 'Использовать TLS? Если да, то не включайте SSL.'; +$lang['debug'] = 'Выводить дополнительную информацию при ошибках?'; diff --git a/lib/plugins/authad/lang/sk/settings.php b/lib/plugins/authad/lang/sk/settings.php index 55f266dd6..b7d822f7e 100644 --- a/lib/plugins/authad/lang/sk/settings.php +++ b/lib/plugins/authad/lang/sk/settings.php @@ -6,10 +6,15 @@ * @author Martin Michalek <michalek.dev@gmail.com> */ $lang['account_suffix'] = 'Prípona používateľského účtu. Napr. <code>@my.domain.org</code>'; +$lang['base_dn'] = 'Vaše base DN. Napr. <code>DC=my,DC=domain,DC=org</code>'; +$lang['domain_controllers'] = 'Zoznam doménových radičov oddelených čiarkou. Napr. <code>srv1.domain.org,srv2.domain.org</code>'; $lang['admin_username'] = 'Privilegovaný používateľ Active Directory s prístupom ku všetkým dátam ostatných používateľov. Nepovinné nastavenie, ale potrebné pre určité akcie ako napríklad zasielanie mailov o zmenách.'; $lang['admin_password'] = 'Heslo vyššie uvedeného používateľa.'; $lang['sso'] = 'Použiť Single-Sign-On cez Kerberos alebo NTLM?'; +$lang['sso_charset'] = 'Znaková sada, v ktorej bude webserver prenášať meno Kerberos or NTLM používateľa. Prázne pole znamená UTF-8 alebo latin-1. Vyžaduje iconv rozšírenie.'; +$lang['real_primarygroup'] = 'Použiť skutočnú primárnu skupinu používateľa namiesto "Doménoví používatelia" (pomalšie).'; $lang['use_ssl'] = 'Použiť SSL pripojenie? Ak áno, nepovoľte TLS nižšie.'; $lang['use_tls'] = 'Použiť TLS pripojenie? Ak áno, nepovoľte SSL vyššie.'; $lang['debug'] = 'Zobraziť doplňujúce ladiace informácie pri chybe?'; +$lang['expirywarn'] = 'Počet dní pred uplynutím platnosti hesla, počas ktorých používateľ dostáva upozornenie. 0 deaktivuje túto voľbu.'; $lang['additional'] = 'Zoznam dodatočných AD atribútov oddelených čiarkou získaných z údajov používateľa. Používané niektorými pluginmi.'; diff --git a/lib/plugins/authad/lang/zh/settings.php b/lib/plugins/authad/lang/zh/settings.php index 84bdc1e5c..52ba2131b 100644 --- a/lib/plugins/authad/lang/zh/settings.php +++ b/lib/plugins/authad/lang/zh/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author lainme <lainme993@gmail.com> + * @author oott123 <ip.192.168.1.1@qq.com> */ $lang['account_suffix'] = '您的账户后缀。例如 <code>@my.domain.org</code>'; $lang['base_dn'] = '您的基本分辨名。例如 <code>DC=my,DC=domain,DC=org</code>'; @@ -11,6 +12,7 @@ $lang['domain_controllers'] = '逗号分隔的域名控制器列表。例如 $lang['admin_username'] = '一个活动目录的特权用户,可以查看其他所有用户的数据。可选,但对某些活动例如发送订阅邮件是必须的。'; $lang['admin_password'] = '上述用户的密码。'; $lang['sso'] = '是否使用经由 Kerberos 和 NTLM 的 Single-Sign-On?'; +$lang['sso_charset'] = '服务器传入 Kerberos 或者 NTLM 用户名的编码。留空为 UTF-8 或 latin-1 。此功能需要服务器支持iconv扩展。'; $lang['real_primarygroup'] = ' 是否解析真实的主要组,而不是假设为“域用户” (较慢)'; $lang['use_ssl'] = '使用 SSL 连接?如果是,不要激活下面的 TLS。'; $lang['use_tls'] = '使用 TLS 连接?如果是 ,不要激活上面的 SSL。'; diff --git a/lib/plugins/authldap/auth.php b/lib/plugins/authldap/auth.php index de1332282..31e2c5135 100644 --- a/lib/plugins/authldap/auth.php +++ b/lib/plugins/authldap/auth.php @@ -166,7 +166,7 @@ class auth_plugin_authldap extends DokuWiki_Auth_Plugin { // be accessible anonymously, so we try to rebind the current user here list($loginuser, $loginsticky, $loginpass) = auth_getCookie(); if($loginuser && $loginpass) { - $loginpass = PMA_blowfish_decrypt($loginpass, auth_cookiesalt(!$loginsticky)); + $loginpass = auth_decrypt($loginpass, auth_cookiesalt(!$loginsticky, true)); $this->checkPass($loginuser, $loginpass); } } diff --git a/lib/plugins/authldap/lang/ar/settings.php b/lib/plugins/authldap/lang/ar/settings.php new file mode 100644 index 000000000..aaef7763f --- /dev/null +++ b/lib/plugins/authldap/lang/ar/settings.php @@ -0,0 +1,13 @@ +<?php + +/** + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author alhajr <alhajr300@gmail.com> + */ +$lang['port'] = 'LDAP المنفذ الملقم إذا لم يعط أي عنوان URL كامل أعلاه'; +$lang['version'] = 'إصدار نسخة البروتوكول الستخدامه. قد تحتاج لتعيين هذه القيمة إلى <code>3</code>'; +$lang['starttls'] = 'استخدام اتصالات TLS؟'; +$lang['referrals'] = 'يتبع الإحالات؟'; +$lang['deref'] = 'كيفية إلغاء مرجعية الأسماء المستعارة؟'; +$lang['bindpw'] = 'كلمة مرور المستخدم أعلاه'; diff --git a/lib/plugins/authldap/lang/bg/settings.php b/lib/plugins/authldap/lang/bg/settings.php index 644672ca7..165216de8 100644 --- a/lib/plugins/authldap/lang/bg/settings.php +++ b/lib/plugins/authldap/lang/bg/settings.php @@ -1,7 +1,8 @@ <?php + /** - * Bulgarian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Kiril <neohidra@gmail.com> */ $lang['server'] = 'Вашият LDAP сървър. Име на хоста (<code>localhost</code>) или целият URL адрес (<code>ldap://сървър.tld:389</code>)'; @@ -16,4 +17,4 @@ $lang['referrals'] = 'Да бъдат ли следвани преп $lang['bindpw'] = 'Парола за горния потребител'; $lang['userscope'] = 'Ограничаване на обхвата за търсене на потребители'; $lang['groupscope'] = 'Ограничаване на обхвата за търсене на потребителски групи'; -$lang['debug'] = 'Показване на допълнителна debug информация при грешка';
\ No newline at end of file +$lang['debug'] = 'Показване на допълнителна debug информация при грешка'; diff --git a/lib/plugins/authldap/lang/da/settings.php b/lib/plugins/authldap/lang/da/settings.php index a3558aa5c..b736504a5 100644 --- a/lib/plugins/authldap/lang/da/settings.php +++ b/lib/plugins/authldap/lang/da/settings.php @@ -4,6 +4,12 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Jens Hyllegaard <jens.hyllegaard@gmail.com> + * @author soer9648 <soer9648@eucl.dk> */ $lang['server'] = 'Din LDAP server. Enten værtsnavn (<code>localhost</code>) eller fuld kvalificeret URL (<code>ldap://server.tld:389</code>)'; +$lang['port'] = 'LDAP server port, hvis der ikke er angivet en komplet URL ovenfor.'; +$lang['usertree'] = 'Hvor findes brugerkonti. F.eks. <code>ou=Personer, dc=server, dc=tld</code>'; +$lang['grouptree'] = 'Hvor findes brugergrupper. F.eks. <code>ou=Grupper, dc=server, dc=tld</code>'; +$lang['starttls'] = 'Benyt TLS forbindelser?'; +$lang['bindpw'] = 'Kodeord til ovenstående bruger'; $lang['debug'] = 'Vis yderligere debug output ved fejl'; diff --git a/lib/plugins/authldap/lang/es/settings.php b/lib/plugins/authldap/lang/es/settings.php new file mode 100644 index 000000000..f8c3ad014 --- /dev/null +++ b/lib/plugins/authldap/lang/es/settings.php @@ -0,0 +1,13 @@ +<?php + +/** + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author Antonio Bueno <atnbueno@gmail.com> + */ +$lang['starttls'] = 'Usar conexiones TLS?'; +$lang['debug'] = 'Mostrar información adicional para depuración de errores'; +$lang['deref_o_0'] = 'LDAP_DEREF_NEVER'; +$lang['deref_o_1'] = 'LDAP_DEREF_SEARCHING'; +$lang['deref_o_2'] = 'LDAP_DEREF_FINDING'; +$lang['deref_o_3'] = 'LDAP_DEREF_ALWAYS'; diff --git a/lib/plugins/authldap/lang/fi/settings.php b/lib/plugins/authldap/lang/fi/settings.php index d3aa13e07..b15d8c676 100644 --- a/lib/plugins/authldap/lang/fi/settings.php +++ b/lib/plugins/authldap/lang/fi/settings.php @@ -1,6 +1,11 @@ <?php + /** - * Finnish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Otto Vainio <otto@valjakko.net> */ +$lang['starttls'] = 'Käytä TLS yhteyttä'; +$lang['bindpw'] = 'Ylläolevan käyttäjän salasana'; +$lang['userscope'] = 'Etsi vain käyttäjiä'; +$lang['groupscope'] = 'Etsi vain ryhmiä'; diff --git a/lib/plugins/authldap/lang/he/settings.php b/lib/plugins/authldap/lang/he/settings.php new file mode 100644 index 000000000..357a58c56 --- /dev/null +++ b/lib/plugins/authldap/lang/he/settings.php @@ -0,0 +1,8 @@ +<?php + +/** + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author matt carroll <matt.carroll@gmail.com> + */ +$lang['starttls'] = 'השתמש בחיבורי TLS'; diff --git a/lib/plugins/authldap/lang/it/settings.php b/lib/plugins/authldap/lang/it/settings.php index 023159489..eba7cde6e 100644 --- a/lib/plugins/authldap/lang/it/settings.php +++ b/lib/plugins/authldap/lang/it/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Edmondo Di Tucci <snarchio@gmail.com> + * @author Claudio Lanconelli <lancos@libero.it> */ $lang['server'] = 'Il tuo server LDAP. Inserire o l\'hostname (<code>localhost</code>) oppure un URL completo (<code>ldap://server.tld:389</code>)'; $lang['port'] = 'Porta del server LDAP se non è stato fornito un URL completo più sopra.'; @@ -13,3 +14,6 @@ $lang['userfilter'] = 'Filtro per cercare l\'account utente LDAP. Eg. $lang['groupfilter'] = 'Filtro per cercare i gruppi LDAP. Eg. <code>(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))</code>'; $lang['version'] = 'Versione protocollo da usare. Pu<code>3</code>'; $lang['starttls'] = 'Usare la connessione TSL?'; +$lang['userscope'] = 'Limita il contesto di ricerca per la ricerca degli utenti'; +$lang['groupscope'] = 'Limita il contesto di ricerca per la ricerca dei gruppi'; +$lang['debug'] = 'In caso di errori mostra ulteriori informazioni di debug'; diff --git a/lib/plugins/authldap/lang/ko/settings.php b/lib/plugins/authldap/lang/ko/settings.php index 5c5341b31..ae8dc7ab6 100644 --- a/lib/plugins/authldap/lang/ko/settings.php +++ b/lib/plugins/authldap/lang/ko/settings.php @@ -17,8 +17,8 @@ $lang['referrals'] = '참고(referrals)를 허용하겠습니까? '; $lang['deref'] = '어떻게 별명을 간접 참고하겠습니까?'; $lang['binddn'] = '익명 바인드가 충분하지 않으면 선택적인 바인드 사용자의 DN. 예를 들어 <code>cn=admin, dc=my, dc=home</code>'; $lang['bindpw'] = '위 사용자의 비밀번호'; -$lang['userscope'] = '사용자 찾기에 대한 찾기 범위 제한'; -$lang['groupscope'] = '그룹 찾기에 대한 찾기 범위 제한'; +$lang['userscope'] = '사용자 검색에 대한 검색 범위 제한'; +$lang['groupscope'] = '그룹 검색에 대한 검색 범위 제한'; $lang['groupkey'] = '(표준 AD 그룹 대신) 사용자 속성에서 그룹 구성원. 예를 들어 부서나 전화에서 그룹'; $lang['debug'] = '오류에 대한 추가적인 디버그 정보를 보이기'; $lang['deref_o_0'] = 'LDAP_DEREF_NEVER'; diff --git a/lib/plugins/authldap/lang/pl/settings.php b/lib/plugins/authldap/lang/pl/settings.php index 44641f514..084521e0d 100644 --- a/lib/plugins/authldap/lang/pl/settings.php +++ b/lib/plugins/authldap/lang/pl/settings.php @@ -1,7 +1,8 @@ <?php + /** - * Polish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * */ $lang['starttls'] = 'Użyć połączeń TLS?'; $lang['bindpw'] = 'Hasło powyższego użytkownika'; diff --git a/lib/plugins/authldap/lang/ru/settings.php b/lib/plugins/authldap/lang/ru/settings.php index 70ad7b6f4..2b93e0fd4 100644 --- a/lib/plugins/authldap/lang/ru/settings.php +++ b/lib/plugins/authldap/lang/ru/settings.php @@ -5,5 +5,7 @@ * * @author Ivan I. Udovichenko (sendtome@mymailbox.pp.ua) * @author Aleksandr Selivanov <alexgearbox@gmail.com> + * @author Erli Moen <evseev.jr@gmail.com> */ +$lang['deref'] = 'Как расшифровывать псевдонимы?'; $lang['bindpw'] = 'Пароль для указанного пользователя.'; diff --git a/lib/plugins/authldap/lang/sk/settings.php b/lib/plugins/authldap/lang/sk/settings.php index 48bd37395..c44f07e97 100644 --- a/lib/plugins/authldap/lang/sk/settings.php +++ b/lib/plugins/authldap/lang/sk/settings.php @@ -13,7 +13,13 @@ $lang['userfilter'] = 'LDAP filter pre vyhľadávanie používateľsk $lang['groupfilter'] = 'LDAP filter pre vyhľadávanie skupín. Napr. <code>(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))</code>'; $lang['version'] = 'Použitá verzia protokolu. Možno bude potrebné nastaviť na hodnotu <code>3</code>'; $lang['starttls'] = 'Použiť TLS pripojenie?'; +$lang['referrals'] = 'Majú byť nasledované odkazy na používateľov (referrals)?'; +$lang['deref'] = 'Ako previesť aliasy?'; +$lang['binddn'] = 'DN prípadného priradenia používateľa, ak anonymné priradenie nie je dostatočné. Napr. <code>cn=admin, dc=my, dc=home</code>'; $lang['bindpw'] = 'Heslo vyššie uvedeného používateľa'; +$lang['userscope'] = 'Obmedzenie oblasti pri vyhľadávaní používateľa'; +$lang['groupscope'] = 'Obmedzenie oblasti pri vyhľadávaní skupiny'; +$lang['groupkey'] = 'Príslušnost k skupine určená z daného atribútu používateľa (namiesto štandardnej AD skupiny) napr. skupiny podľa oddelenia alebo telefónneho čísla'; $lang['debug'] = 'Zobraziť doplňujúce ladiace informácie pri chybe'; $lang['deref_o_0'] = 'LDAP_DEREF_NEVER'; $lang['deref_o_1'] = 'LDAP_DEREF_SEARCHING'; diff --git a/lib/plugins/authldap/lang/zh-tw/settings.php b/lib/plugins/authldap/lang/zh-tw/settings.php index d2513eeff..7e35ef632 100644 --- a/lib/plugins/authldap/lang/zh-tw/settings.php +++ b/lib/plugins/authldap/lang/zh-tw/settings.php @@ -1,5 +1,4 @@ <?php - /** * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * @@ -20,3 +19,8 @@ $lang['userscope'] = '限制使用者搜索的範圍'; $lang['groupscope'] = '限制群組搜索的範圍'; $lang['groupkey'] = '以其他使用者屬性 (而非標準 AD 群組) 來把使用者分組,例如以部門或電話號碼分類'; $lang['debug'] = '有錯誤時,顯示額外除錯資訊'; + +$lang['deref_o_0'] = 'LDAP_DEREF_NEVER'; +$lang['deref_o_1'] = 'LDAP_DEREF_SEARCHING'; +$lang['deref_o_2'] = 'LDAP_DEREF_FINDING'; +$lang['deref_o_3'] = 'LDAP_DEREF_ALWAYS'; diff --git a/lib/plugins/authldap/lang/zh/settings.php b/lib/plugins/authldap/lang/zh/settings.php index 77c2c6952..cdaf3dc64 100644 --- a/lib/plugins/authldap/lang/zh/settings.php +++ b/lib/plugins/authldap/lang/zh/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author lainme <lainme993@gmail.com> + * @author oott123 <ip.192.168.1.1@qq.com> */ $lang['server'] = '您的 LDAP 服务器。填写主机名 (<code>localhost</code>) 或者完整的 URL (<code>ldap://server.tld:389</code>)'; $lang['port'] = 'LDAP 服务器端口 (如果上面没有给出完整的 URL)'; @@ -14,6 +15,7 @@ $lang['groupfilter'] = '用于搜索组的 LDAP 筛选器。例如 <co $lang['version'] = '使用的协议版本。您或许需要设置为 <code>3</code>'; $lang['starttls'] = '使用 TLS 连接?'; $lang['referrals'] = '是否允许引用 (referrals)?'; +$lang['deref'] = '如何间接引用别名?'; $lang['binddn'] = '一个可选的绑定用户的 DN (如果匿名绑定不满足要求)。例如 <code>cn=admin, dc=my, dc=home</code>'; $lang['bindpw'] = '上述用户的密码'; $lang['userscope'] = '限制用户搜索的范围'; diff --git a/lib/plugins/authmysql/lang/bg/settings.php b/lib/plugins/authmysql/lang/bg/settings.php index fcc7f625d..cd6370218 100644 --- a/lib/plugins/authmysql/lang/bg/settings.php +++ b/lib/plugins/authmysql/lang/bg/settings.php @@ -1,8 +1,10 @@ <?php + /** - * Bulgarian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Kiril <neohidra@gmail.com> + * @author Ivan Peltekov <ivan.peltekov@abv.bg> */ $lang['server'] = 'Вашият MySQL сървър'; $lang['user'] = 'MySQL потребителско име'; @@ -10,8 +12,8 @@ $lang['password'] = 'Парола за горния потреби $lang['database'] = 'Име на базата от данни'; $lang['charset'] = 'Набор от знаци, който се ползва в базата от данни'; $lang['debug'] = 'Показване на допълнителна debug информация'; - - -$lang['debug_o_0'] = 'не'; -$lang['debug_o_1'] = 'само при грешка'; -$lang['debug_o_2'] = 'за всяко SQL запитване';
\ No newline at end of file +$lang['checkPass'] = 'SQL заявка за проверка на паролите'; +$lang['getUserInfo'] = 'SQL заявка за извличане на информация за потребителя н'; +$lang['debug_o_0'] = 'не'; +$lang['debug_o_1'] = 'само при грешка'; +$lang['debug_o_2'] = 'за всяко SQL запитване'; diff --git a/lib/plugins/authmysql/lang/da/settings.php b/lib/plugins/authmysql/lang/da/settings.php index 207d0ff60..1e38cb6b4 100644 --- a/lib/plugins/authmysql/lang/da/settings.php +++ b/lib/plugins/authmysql/lang/da/settings.php @@ -2,10 +2,25 @@ /** * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) - * + * * @author Jens Hyllegaard <jens.hyllegaard@gmail.com> + * @author soer9648 <soer9648@eucl.dk> */ $lang['server'] = 'Din MySQL server'; +$lang['user'] = 'MySQL brugernavn'; +$lang['password'] = 'Kodeord til ovenstående bruger'; +$lang['database'] = 'Database der skal benyttes'; +$lang['charset'] = 'Tegnsæt benyttet i database'; +$lang['checkPass'] = 'SQL-sætning til at kontrollere kodeord'; +$lang['getUserInfo'] = 'SQL-sætning til at hente brugerinformation'; +$lang['getUsers'] = 'SQL-sætning til at liste alle brugere'; +$lang['addUser'] = 'SQL-sætning til at tilføje en ny bruger'; +$lang['addGroup'] = 'SQL-sætning til at tilføje en ny gruppe'; +$lang['addUserGroup'] = 'SQL-sætning til at tilføje en bruger til en eksisterende gruppe'; +$lang['delGroup'] = 'SQL-sætning til at fjerne en gruppe'; +$lang['delUser'] = 'SQL-sætning til at slette en bruger'; +$lang['delUserRefs'] = 'SQL-sætning til at fjerne en bruger fra alle grupper'; +$lang['updateUser'] = 'SQL-sætning til at opdatere en brugerprofil'; $lang['debug'] = 'Vis yderligere debug output'; $lang['debug_o_0'] = 'ingen'; $lang['debug_o_1'] = 'kun ved fejl'; diff --git a/lib/plugins/authmysql/lang/es/settings.php b/lib/plugins/authmysql/lang/es/settings.php new file mode 100644 index 000000000..64d422102 --- /dev/null +++ b/lib/plugins/authmysql/lang/es/settings.php @@ -0,0 +1,12 @@ +<?php + +/** + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author Antonio Bueno <atnbueno@gmail.com> + */ +$lang['server'] = 'Tu servidor MySQL'; +$lang['user'] = 'Nombre de usuario MySQL'; +$lang['database'] = 'Base de datos a usar'; +$lang['charset'] = 'Codificación usada en la base de datos'; +$lang['debug'] = 'Mostrar información adicional para depuración de errores'; diff --git a/lib/plugins/authmysql/lang/hu/settings.php b/lib/plugins/authmysql/lang/hu/settings.php index 4edceae1e..5936203fa 100644 --- a/lib/plugins/authmysql/lang/hu/settings.php +++ b/lib/plugins/authmysql/lang/hu/settings.php @@ -4,39 +4,40 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Marton Sebok <sebokmarton@gmail.com> + * @author Marina Vladi <deldadam@gmail.com> */ $lang['server'] = 'MySQL-szerver'; $lang['user'] = 'MySQL felhasználónév'; -$lang['password'] = 'Ehhez a jelszó'; +$lang['password'] = 'Fenti felhasználó jelszava'; $lang['database'] = 'Adatbázis'; $lang['charset'] = 'Az adatbázisban használt karakterkészlet'; -$lang['debug'] = 'Debug-üzenetek megjelenítése?'; -$lang['forwardClearPass'] = 'A jelszó nyílt szövegben való átadása a következő SQL utasításokban a passcrypt opció használata helyett'; -$lang['TablesToLock'] = 'Az íráskor zárolandó táblák vesszővel elválasztott listája'; -$lang['checkPass'] = 'SQL utasítás a jelszavak ellenőrzéséhez'; -$lang['getUserInfo'] = 'SQL utasítás a felhasználói információk lekérdezéséhez'; -$lang['getGroups'] = 'SQL utasítás egy felhasználó csoporttagságainak lekérdezéséhez'; -$lang['getUsers'] = 'SQL utasítás a felhasználók listázásához'; -$lang['FilterLogin'] = 'SQL kifejezés a felhasználók azonosító alapú szűréséhez'; -$lang['FilterName'] = 'SQL kifejezés a felhasználók név alapú szűréséhez'; -$lang['FilterEmail'] = 'SQL kifejezés a felhasználók e-mail cím alapú szűréséhez'; -$lang['FilterGroup'] = 'SQL kifejezés a felhasználók csoporttagság alapú szűréséhez'; -$lang['SortOrder'] = 'SQL kifejezés a felhasználók rendezéséhez'; -$lang['addUser'] = 'SQL utasítás új felhasználó hozzáadásához'; -$lang['addGroup'] = 'SQL utasítás új csoport hozzáadásához'; -$lang['addUserGroup'] = 'SQL utasítás egy felhasználó egy meglévő csoporthoz való hozzáadásához'; -$lang['delGroup'] = 'SQL utasítás egy csoport törléséhez'; -$lang['getUserID'] = 'SQL utasítás egy felhasználó elsődleges kulcsának lekérdezéséhez'; -$lang['delUser'] = 'SQL utasítás egy felhasználó törléséhez'; -$lang['delUserRefs'] = 'SQL utasítás egy felhasználó eltávolításához az összes csoportból'; -$lang['updateUser'] = 'SQL utasítás egy felhasználó profiljának frissítéséhez'; -$lang['UpdateLogin'] = 'SQL kifejezés a felhasználó azonosítójának frissítéséhez'; -$lang['UpdatePass'] = 'SQL kifejezés a felhasználó jelszavának frissítéséhez'; -$lang['UpdateEmail'] = 'SQL kifejezés a felhasználó e-mail címének frissítéséhez'; -$lang['UpdateName'] = 'SQL kifejezés a felhasználó nevének frissítéséhez'; -$lang['UpdateTarget'] = 'SQL kifejezés a felhasználó kiválasztásához az adatok frissítésekor'; -$lang['delUserGroup'] = 'SQL utasítás egy felhasználó eltávolításához egy adott csoportból'; -$lang['getGroupID'] = 'SQL utasítás egy csoport elsődleges kulcsának lekérdezéséhez'; +$lang['debug'] = 'Hibakeresési üzenetek megjelenítése'; +$lang['forwardClearPass'] = 'A jelszó nyílt szövegként történő átadása az alábbi SQL-utasításoknak a passcrypt opció használata helyett'; +$lang['TablesToLock'] = 'Az íráskor zárolni kívánt táblák vesszővel elválasztott listája'; +$lang['checkPass'] = 'SQL-utasítás a jelszavak ellenőrzéséhez'; +$lang['getUserInfo'] = 'SQL-utasítás a felhasználói információk lekérdezéséhez'; +$lang['getGroups'] = 'SQL-utasítás egy felhasználó csoporttagságainak lekérdezéséhez'; +$lang['getUsers'] = 'SQL-utasítás a felhasználók listázásához'; +$lang['FilterLogin'] = 'SQL-kifejezés a felhasználók azonosító alapú szűréséhez'; +$lang['FilterName'] = 'SQL-kifejezés a felhasználók név alapú szűréséhez'; +$lang['FilterEmail'] = 'SQL-kifejezés a felhasználók e-mail cím alapú szűréséhez'; +$lang['FilterGroup'] = 'SQL-kifejezés a felhasználók csoporttagság alapú szűréséhez'; +$lang['SortOrder'] = 'SQL-kifejezés a felhasználók rendezéséhez'; +$lang['addUser'] = 'SQL-utasítás új felhasználó hozzáadásához'; +$lang['addGroup'] = 'SQL-utasítás új csoport hozzáadásához'; +$lang['addUserGroup'] = 'SQL-utasítás egy felhasználó egy meglévő csoporthoz való hozzáadásához'; +$lang['delGroup'] = 'SQL-utasítás egy csoport törléséhez'; +$lang['getUserID'] = 'SQL-utasítás egy felhasználó elsődleges kulcsának lekérdezéséhez'; +$lang['delUser'] = 'SQL-utasítás egy felhasználó törléséhez'; +$lang['delUserRefs'] = 'SQL-utasítás egy felhasználó eltávolításához az összes csoportból'; +$lang['updateUser'] = 'SQL-utasítás egy felhasználó profiljának frissítéséhez'; +$lang['UpdateLogin'] = 'UPDATE-klauzula a felhasználó azonosítójának frissítéséhez'; +$lang['UpdatePass'] = 'UPDATE-klauzula a felhasználó jelszavának frissítéséhez'; +$lang['UpdateEmail'] = 'UPDATE-klauzula a felhasználó e-mail címének frissítéséhez'; +$lang['UpdateName'] = 'UPDATE-klauzula a felhasználó teljes nevének frissítéséhez'; +$lang['UpdateTarget'] = 'LIMIT-klauzula a felhasználó kiválasztásához az adatok frissítésekor'; +$lang['delUserGroup'] = 'SQL-utasítás felhasználó adott csoportból történő törléséhez '; +$lang['getGroupID'] = 'SQL-utasítás adott csoport elsődleges kulcsának lekérdezéséhez'; $lang['debug_o_0'] = 'nem'; $lang['debug_o_1'] = 'csak hiba esetén'; $lang['debug_o_2'] = 'minden SQL-lekérdezésnél'; diff --git a/lib/plugins/authmysql/lang/it/settings.php b/lib/plugins/authmysql/lang/it/settings.php index 10ae72f87..e493ec7e9 100644 --- a/lib/plugins/authmysql/lang/it/settings.php +++ b/lib/plugins/authmysql/lang/it/settings.php @@ -1,5 +1,8 @@ <?php + /** - * Italian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author Claudio Lanconelli <lancos@libero.it> */ +$lang['debug'] = 'Mostra ulteriori informazioni di debug'; diff --git a/lib/plugins/authmysql/lang/ja/settings.php b/lib/plugins/authmysql/lang/ja/settings.php index 0dc5f1ad8..e5d5689df 100644 --- a/lib/plugins/authmysql/lang/ja/settings.php +++ b/lib/plugins/authmysql/lang/ja/settings.php @@ -11,7 +11,7 @@ $lang['password'] = 'MySQL 接続用ユーザーのパスワード' $lang['database'] = '使用するデータベース名'; $lang['charset'] = 'データベースの文字コード'; $lang['debug'] = 'デバック情報を表示する'; -$lang['forwardClearPass'] = '以下で定義する SQL ステートメントにおいて, パスワード変数 %{pass} を平文とする(DokiWiki側で暗号化しない)'; +$lang['forwardClearPass'] = '以下で定義する SQL ステートメントにおいて, パスワード変数 %{pass} を平文とする(DokiWiki側で暗号化しない)'; $lang['TablesToLock'] = '書き込み時にロックするテーブル(コンマ区切りで列挙)'; $lang['checkPass'] = 'パスワードの照合に用いる SQL ステートメント'; $lang['getUserInfo'] = 'ユーザー情報の取得に用いる SQL ステートメント'; diff --git a/lib/plugins/authmysql/lang/ko/settings.php b/lib/plugins/authmysql/lang/ko/settings.php index 2175c1eea..b3479ad41 100644 --- a/lib/plugins/authmysql/lang/ko/settings.php +++ b/lib/plugins/authmysql/lang/ko/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Myeongjin <aranet100@gmail.com> + * @author Garam <rowain8@gmail.com> */ $lang['server'] = 'MySQL 서버'; $lang['user'] = 'MySQL 사용자 이름'; @@ -17,10 +18,10 @@ $lang['checkPass'] = '비밀번호를 확인하기 위한 SQL 문'; $lang['getUserInfo'] = '사용자 정보를 가져오기 위한 SQL 문'; $lang['getGroups'] = '사용자의 그룹 구성원을 가져오기 위한 SQL 문'; $lang['getUsers'] = '모든 사용자를 나타낼 SQL 문'; -$lang['FilterLogin'] = '로그인 이름 별로 사용자를 필터하기 위한 SQL 조항'; -$lang['FilterName'] = '전체 이름 별로 사용자를 필터하기 위한 SQL 조항'; -$lang['FilterEmail'] = '이메일 주소 별로 사용자를 필터하기 위한 SQL 조항'; -$lang['FilterGroup'] = '그룹 구성원 별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterLogin'] = '로그인 이름별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterName'] = '전체 이름별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterEmail'] = '이메일 주소별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterGroup'] = '그룹 구성원별로 사용자를 필터하기 위한 SQL 조항'; $lang['SortOrder'] = '사용자를 정렬할 SQL 조항'; $lang['addUser'] = '새 사용자를 추가할 SQL 문'; $lang['addGroup'] = '새 그룹을 추가할 SQL 문'; diff --git a/lib/plugins/authmysql/lang/pl/settings.php b/lib/plugins/authmysql/lang/pl/settings.php index 93528cf34..5ae6bf168 100644 --- a/lib/plugins/authmysql/lang/pl/settings.php +++ b/lib/plugins/authmysql/lang/pl/settings.php @@ -1,7 +1,8 @@ <?php + /** - * Polish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * */ $lang['server'] = 'Twój server MySQL'; $lang['user'] = 'Nazwa użytkownika MySQL'; diff --git a/lib/plugins/authmysql/lang/sk/settings.php b/lib/plugins/authmysql/lang/sk/settings.php index 8c52f905e..d7e8cb286 100644 --- a/lib/plugins/authmysql/lang/sk/settings.php +++ b/lib/plugins/authmysql/lang/sk/settings.php @@ -34,5 +34,9 @@ $lang['UpdateLogin'] = 'SQL podmienka pre aktualizáciu prihlasovacieh $lang['UpdatePass'] = 'SQL podmienka pre aktualizáciu hesla používateľa'; $lang['UpdateEmail'] = 'SQL podmienka pre aktualizáciu emailovej adresy používateľa'; $lang['UpdateName'] = 'SQL podmienka pre aktualizáciu mena a priezviska používateľa'; +$lang['UpdateTarget'] = 'Podmienka identifikácie používateľa pri aktualizácii'; $lang['delUserGroup'] = 'SQL príkaz pre vyradenie používateľa z danej skupiny'; $lang['getGroupID'] = 'SQL príkaz pre získanie primárneho kľúča skupiny'; +$lang['debug_o_0'] = 'žiadne'; +$lang['debug_o_1'] = 'iba pri chybách'; +$lang['debug_o_2'] = 'všetky SQL dopyty'; diff --git a/lib/plugins/authpgsql/lang/bg/settings.php b/lib/plugins/authpgsql/lang/bg/settings.php index 0defdc4ff..bd6ae1cee 100644 --- a/lib/plugins/authpgsql/lang/bg/settings.php +++ b/lib/plugins/authpgsql/lang/bg/settings.php @@ -1,7 +1,8 @@ <?php + /** - * Bulgarian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Kiril <neohidra@gmail.com> */ $lang['server'] = 'Вашият PostgreSQL сървър'; @@ -9,4 +10,4 @@ $lang['port'] = 'Порт за PostgreSQL сървъра'; $lang['user'] = 'PostgreSQL потребител'; $lang['password'] = 'Парола за горния потребител'; $lang['database'] = 'Име на базата от данни'; -$lang['debug'] = 'Показване на допълнителна debug информация';
\ No newline at end of file +$lang['debug'] = 'Показване на допълнителна debug информация'; diff --git a/lib/plugins/authpgsql/lang/da/settings.php b/lib/plugins/authpgsql/lang/da/settings.php index 76c08a734..007174815 100644 --- a/lib/plugins/authpgsql/lang/da/settings.php +++ b/lib/plugins/authpgsql/lang/da/settings.php @@ -4,7 +4,19 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Jens Hyllegaard <jens.hyllegaard@gmail.com> + * @author soer9648 <soer9648@eucl.dk> */ $lang['server'] = 'Din PostgresSQL server'; $lang['port'] = 'Din PostgresSQL servers port'; +$lang['password'] = 'Kodeord til ovenstående bruger'; +$lang['database'] = 'Database der skal benyttes'; $lang['debug'] = 'Vis yderligere debug output'; +$lang['checkPass'] = 'SQL-sætning til at kontrollere kodeord'; +$lang['getUsers'] = 'SQL-sætning til at liste alle brugere'; +$lang['addUser'] = 'SQL-sætning til at tilføje en ny bruger'; +$lang['addGroup'] = 'SQL-sætning til at tilføje en ny gruppe'; +$lang['addUserGroup'] = 'SQL-sætning til at tilføje en bruger til en eksisterende gruppe'; +$lang['delGroup'] = 'SQL-sætning til at fjerne en gruppe'; +$lang['delUser'] = 'SQL-sætning til at slette en bruger'; +$lang['delUserRefs'] = 'SQL-sætning til at fjerne en bruger fra alle grupper'; +$lang['updateUser'] = 'SQL-sætning til at opdatere en brugerprofil'; diff --git a/lib/plugins/authpgsql/lang/hu/settings.php b/lib/plugins/authpgsql/lang/hu/settings.php index ff62a7016..213fc8751 100644 --- a/lib/plugins/authpgsql/lang/hu/settings.php +++ b/lib/plugins/authpgsql/lang/hu/settings.php @@ -4,35 +4,36 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Marton Sebok <sebokmarton@gmail.com> + * @author Marina Vladi <deldadam@gmail.com> */ -$lang['server'] = 'PostgreSQL-szerver'; -$lang['port'] = 'PostgreSQL-port'; -$lang['user'] = 'PostgreSQL felhasználónév'; -$lang['password'] = 'Ehhez a jelszó'; +$lang['server'] = 'PostgreSQL-kiszolgáló'; +$lang['port'] = 'PostgreSQL-kiszolgáló portja'; +$lang['user'] = 'PostgreSQL-felhasználónév'; +$lang['password'] = 'Fenti felhasználó jelszava'; $lang['database'] = 'Adatbázis'; -$lang['debug'] = 'Debug-üzenetek megjelenítése?'; +$lang['debug'] = 'Hibakeresési üzenetek megjelenítése'; $lang['forwardClearPass'] = 'A jelszó nyílt szövegben való átadása a következő SQL utasításokban a passcrypt opció használata helyett'; -$lang['checkPass'] = 'SQL utasítás a jelszavak ellenőrzéséhez'; -$lang['getUserInfo'] = 'SQL utasítás a felhasználói információk lekérdezéséhez'; -$lang['getGroups'] = 'SQL utasítás egy felhasználó csoporttagságainak lekérdezéséhez'; -$lang['getUsers'] = 'SQL utasítás a felhasználók listázásához'; -$lang['FilterLogin'] = 'SQL kifejezés a felhasználók azonosító alapú szűréséhez'; -$lang['FilterName'] = 'SQL kifejezés a felhasználók név alapú szűréséhez'; -$lang['FilterEmail'] = 'SQL kifejezés a felhasználók e-mail cím alapú szűréséhez'; -$lang['FilterGroup'] = 'SQL kifejezés a felhasználók csoporttagság alapú szűréséhez'; -$lang['SortOrder'] = 'SQL kifejezés a felhasználók rendezéséhez'; -$lang['addUser'] = 'SQL utasítás új felhasználó hozzáadásához'; -$lang['addGroup'] = 'SQL utasítás új csoport hozzáadásához'; -$lang['addUserGroup'] = 'SQL utasítás egy felhasználó egy meglévő csoporthoz való hozzáadásához'; -$lang['delGroup'] = 'SQL utasítás egy csoport törléséhez'; -$lang['getUserID'] = 'SQL utasítás egy felhasználó elsődleges kulcsának lekérdezéséhez'; -$lang['delUser'] = 'SQL utasítás egy felhasználó törléséhez'; -$lang['delUserRefs'] = 'SQL utasítás egy felhasználó eltávolításához az összes csoportból'; -$lang['updateUser'] = 'SQL utasítás egy felhasználó profiljának frissítéséhez'; -$lang['UpdateLogin'] = 'SQL kifejezés a felhasználó azonosítójának frissítéséhez'; -$lang['UpdatePass'] = 'SQL kifejezés a felhasználó jelszavának frissítéséhez'; -$lang['UpdateEmail'] = 'SQL kifejezés a felhasználó e-mail címének frissítéséhez'; -$lang['UpdateName'] = 'SQL kifejezés a felhasználó nevének frissítéséhez'; -$lang['UpdateTarget'] = 'SQL kifejezés a felhasználó kiválasztásához az adatok frissítésekor'; -$lang['delUserGroup'] = 'SQL utasítás egy felhasználó eltávolításához egy adott csoportból'; -$lang['getGroupID'] = 'SQL utasítás egy csoport elsődleges kulcsának lekérdezéséhez'; +$lang['checkPass'] = 'SQL-utasítás a jelszavak ellenőrzéséhez'; +$lang['getUserInfo'] = 'SQL-utasítás a felhasználói információk lekérdezéséhez'; +$lang['getGroups'] = 'SQL-utasítás egy felhasználó csoporttagságainak lekérdezéséhez'; +$lang['getUsers'] = 'SQL-utasítás a felhasználók listázásához'; +$lang['FilterLogin'] = 'SQL-kifejezés a felhasználók azonosító alapú szűréséhez'; +$lang['FilterName'] = 'SQL-klauzula a felhasználók név alapú szűréséhez'; +$lang['FilterEmail'] = 'SQL-klauzula a felhasználók e-mail cím alapú szűréséhez'; +$lang['FilterGroup'] = 'SQL-klauzula a felhasználók csoporttagság alapú szűréséhez'; +$lang['SortOrder'] = 'SQL-klauzula a felhasználók rendezéséhez'; +$lang['addUser'] = 'SQL-klauzula új felhasználó hozzáadásához'; +$lang['addGroup'] = 'SQL-klauzula új csoport hozzáadásához'; +$lang['addUserGroup'] = 'SQL-utasítás felhasználó meglévő csoporthoz való hozzáadásához'; +$lang['delGroup'] = 'SQL-utasítás csoport törléséhez'; +$lang['getUserID'] = 'SQL-utasítás felhasználó elsődleges kulcsának lekérdezéséhez'; +$lang['delUser'] = 'SQL-utasítás felhasználó törléséhez'; +$lang['delUserRefs'] = 'SQL-utasítás felhasználó összes csoportból való törléséhez'; +$lang['updateUser'] = 'SQL-utasítás felhasználó profiljának frissítéséhez'; +$lang['UpdateLogin'] = 'UPDATE-klauzula felhasználók azonosítójának frissítéséhez'; +$lang['UpdatePass'] = 'UPDATE-klauzula felhasználók jelszavának frissítéséhez'; +$lang['UpdateEmail'] = 'UPDATE-klauzula felhasználók e-mailcímének frissítéséhez'; +$lang['UpdateName'] = 'SQL-kifejezés a felhasználó nevének frissítéséhez'; +$lang['UpdateTarget'] = 'SQL-kifejezés a felhasználó kiválasztásához az adatok frissítésekor'; +$lang['delUserGroup'] = 'SQL-utasítás egy felhasználó eltávolításához egy adott csoportból'; +$lang['getGroupID'] = 'SQL-utasítás egy csoport elsődleges kulcsának lekérdezéséhez'; diff --git a/lib/plugins/authpgsql/lang/ja/settings.php b/lib/plugins/authpgsql/lang/ja/settings.php index 2ce63a34a..d7a5f6cf2 100644 --- a/lib/plugins/authpgsql/lang/ja/settings.php +++ b/lib/plugins/authpgsql/lang/ja/settings.php @@ -11,7 +11,7 @@ $lang['user'] = 'PostgreSQL 接続用ユーザー名'; $lang['password'] = 'PostgreSQL 接続用ユーザーのパスワード'; $lang['database'] = '使用するデータベース名'; $lang['debug'] = 'デバック情報を表示する'; -$lang['forwardClearPass'] = '以下で定義する SQL ステートメントにおいて, パスワード変数 %{pass} を平文とする(DokiWiki側で暗号化しない)'; +$lang['forwardClearPass'] = '以下で定義する SQL ステートメントにおいて, パスワード変数 %{pass} を平文とする(DokiWiki側で暗号化しない)'; $lang['checkPass'] = 'パスワードの照合に用いる SQL ステートメント'; $lang['getUserInfo'] = 'ユーザー情報の取得に用いる SQL ステートメント'; $lang['getGroups'] = 'ユーザーが所属する全てのグループの取得に用いる SQL ステートメント'; diff --git a/lib/plugins/authpgsql/lang/ko/settings.php b/lib/plugins/authpgsql/lang/ko/settings.php index bdd8c2718..bdf38b3c7 100644 --- a/lib/plugins/authpgsql/lang/ko/settings.php +++ b/lib/plugins/authpgsql/lang/ko/settings.php @@ -4,6 +4,7 @@ * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * * @author Myeongjin <aranet100@gmail.com> + * @author Garam <rowain8@gmail.com> */ $lang['server'] = 'PostgreSQL 서버'; $lang['port'] = 'PostgreSQL 서버의 포트'; @@ -16,10 +17,10 @@ $lang['checkPass'] = '비밀번호를 확인하기 위한 SQL 문'; $lang['getUserInfo'] = '사용자 정보를 가져오기 위한 SQL 문'; $lang['getGroups'] = '사용자의 그룹 구성원을 가져오기 위한 SQL 문'; $lang['getUsers'] = '모든 사용자를 나타낼 SQL 문'; -$lang['FilterLogin'] = '로그인 이름 별로 사용자를 필터하기 위한 SQL 조항'; -$lang['FilterName'] = '전체 이름 별로 사용자를 필터하기 위한 SQL 조항'; -$lang['FilterEmail'] = '이메일 주소 별로 사용자를 필터하기 위한 SQL 조항'; -$lang['FilterGroup'] = '그룹 구성원 별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterLogin'] = '로그인 이름별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterName'] = '전체 이름별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterEmail'] = '이메일 주소별로 사용자를 필터하기 위한 SQL 조항'; +$lang['FilterGroup'] = '그룹 구성원별로 사용자를 필터하기 위한 SQL 조항'; $lang['SortOrder'] = '사용자를 정렬할 SQL 조항'; $lang['addUser'] = '새 사용자를 추가할 SQL 문'; $lang['addGroup'] = '새 그룹을 추가할 SQL 문'; diff --git a/lib/plugins/authpgsql/lang/sk/settings.php b/lib/plugins/authpgsql/lang/sk/settings.php index 9d656415d..861d1237d 100644 --- a/lib/plugins/authpgsql/lang/sk/settings.php +++ b/lib/plugins/authpgsql/lang/sk/settings.php @@ -33,5 +33,6 @@ $lang['UpdateLogin'] = 'SQL podmienka pre aktualizáciu prihlasovacieh $lang['UpdatePass'] = 'SQL podmienka pre aktualizáciu hesla používateľa'; $lang['UpdateEmail'] = 'SQL podmienka pre aktualizáciu emailovej adresy používateľa'; $lang['UpdateName'] = 'SQL podmienka pre aktualizáciu mena a priezviska používateľa'; +$lang['UpdateTarget'] = 'Podmienka identifikácie používateľa pri aktualizácii'; $lang['delUserGroup'] = 'SQL príkaz pre vyradenie používateľa z danej skupiny'; $lang['getGroupID'] = 'SQL príkaz pre získanie primárneho kľúča skupiny'; diff --git a/lib/plugins/config/lang/ko/lang.php b/lib/plugins/config/lang/ko/lang.php index ac52090e3..0cdaca90d 100644 --- a/lib/plugins/config/lang/ko/lang.php +++ b/lib/plugins/config/lang/ko/lang.php @@ -71,7 +71,7 @@ $lang['deaccent'] = '문서 이름을 지우는 방법'; $lang['useheading'] = '문서 이름으로 첫 문단 제목 사용'; $lang['sneaky_index'] = '기본적으로 도쿠위키는 색인 목록에 모든 이름공간을 보여줍니다. 이 옵션을 설정하면 사용자가 읽기 권한을 가지고 있지 않은 이름공간은 보여주지 않습니다. 접근 가능한 하위 이름공간을 보이지 않게 설정하면 자동으로 설정됩니다. 특정 ACL 설정은 색인 사용이 불가능하게 할 수도 있습니다.'; -$lang['hidepages'] = '사이트맵과 기타 자동 색인과 같은 찾기에서 정규 표현식과 일치하는 문서 숨기기'; +$lang['hidepages'] = '검색, 사이트맵과 기타 자동 색인에서 정규 표현식과 일치하는 문서 숨기기'; $lang['useacl'] = '접근 제어 목록 (ACL) 사용'; $lang['autopasswd'] = '자동으로 만들어진 비밀번호'; $lang['authtype'] = '인증 백-엔드'; @@ -137,7 +137,7 @@ $lang['gzip_output'] = 'xhml 내용 gzip 압축 사용'; $lang['compress'] = '최적화된 CSS, 자바스크립트 출력'; $lang['cssdatauri'] = '그림이 렌더링될 최대 용량 크기를 CSS에 규정해야 HTTP 요청 헤더 오버헤드 크기를 감소시킬 수 있습니다. 이 기술은 IE 7 이하에서는 작동하지 않습니다! <code>400</code>에서 <code>600</code> 정도면 좋은 효율을 가져옵니다. <code>0</code>로 지정할 경우 비활성화 됩니다.'; $lang['send404'] = '존재하지 않는 페이지에 대해 "HTTP 404/페이지를 찾을 수 없습니다" 응답'; -$lang['broken_iua'] = '설치된 시스템에서 ignore_user_abort 기능에 문제가 있습니까? 문제가 있다면 색인이 정상적으로 동작하지 않습니다. 이 기능이 IIS+PHP/CGI에서 문제가 있는 것으로 알려졌습니다. 자세한 정보는 <a href="http://bugs.dokuwiki.org/?do=details&task_id=852">버그 852</a>를 참고하시기 바랍니다.'; +$lang['broken_iua'] = '설치된 시스템에서 ignore_user_abort 기능에 문제가 있습니까? 문제가 있다면 검색 색인이 정상적으로 동작하지 않습니다. 이 기능이 IIS+PHP/CGI에서 문제가 있는 것으로 알려졌습니다. 자세한 정보는 <a href="http://bugs.dokuwiki.org/?do=details&task_id=852">버그 852</a>를 참고하시기 바랍니다.'; $lang['xsendfile'] = '웹 서버가 정적 파일을 제공하도록 X-Sendfile 헤더를 사용하겠습니까? 웹 서버가 이 기능을 지원해야 합니다.'; $lang['renderer_xhtml'] = '주 (xhtml) 위키 출력 처리기'; $lang['renderer__core'] = '%s (도쿠위키 내부)'; diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index a5a11cda1..05f8470f7 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -330,8 +330,7 @@ if (!class_exists('configuration')) { foreach ($this->get_plugin_list() as $plugin) { $plugin_dir = plugin_directory($plugin); if (@file_exists(DOKU_PLUGIN.$plugin_dir.$file)){ - $conf = array(); - @include(DOKU_PLUGIN.$plugin_dir.$file); + $conf = $this->_read_config(DOKU_PLUGIN.$plugin_dir.$file); foreach ($conf as $key => $value){ $default['plugin'.CM_KEYMARKER.$plugin.CM_KEYMARKER.$key] = $value; } @@ -340,8 +339,7 @@ if (!class_exists('configuration')) { // the same for the active template if (@file_exists(tpl_incdir().$file)){ - $conf = array(); - @include(tpl_incdir().$file); + $conf = $this->_read_config(tpl_incdir().$file); foreach ($conf as $key => $value){ $default['tpl'.CM_KEYMARKER.$tpl.CM_KEYMARKER.$key] = $value; } diff --git a/lib/plugins/plugin/classes/ap_download.class.php b/lib/plugins/plugin/classes/ap_download.class.php index 3cc455867..b1be11506 100644 --- a/lib/plugins/plugin/classes/ap_download.class.php +++ b/lib/plugins/plugin/classes/ap_download.class.php @@ -24,7 +24,7 @@ class ap_download extends ap_manage { ptln('<h2>'.$this->lang['downloading'].'</h2>'); if ($this->manager->error) { - ptln('<div class="error">'.str_replace("\n","<br />",$this->manager->error).'</div>'); + ptln('<div class="error">'.str_replace("\n","<br />",hsc($this->manager->error)).'</div>'); } else if (count($this->downloaded) == 1) { ptln('<p>'.sprintf($this->lang['downloaded'],$this->downloaded[0]).'</p>'); } else if (count($this->downloaded)) { // more than one plugin in the download diff --git a/lib/plugins/plugin/lang/bg/lang.php b/lib/plugins/plugin/lang/bg/lang.php index 09ac35229..0e6a4cd28 100644 --- a/lib/plugins/plugin/lang/bg/lang.php +++ b/lib/plugins/plugin/lang/bg/lang.php @@ -1,8 +1,8 @@ <?php + /** - * bulgarian language file - * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Nikolay Vladimirov <nikolay@vladimiroff.com> * @author Viktor Usunov <usun0v@mail.bg> * @author Kiril <neohidra@gmail.com> diff --git a/lib/plugins/plugin/lang/fi/lang.php b/lib/plugins/plugin/lang/fi/lang.php index 923029a6f..f51746faa 100644 --- a/lib/plugins/plugin/lang/fi/lang.php +++ b/lib/plugins/plugin/lang/fi/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Finnish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author otto@valjakko.net * @author Otto Vainio <otto@valjakko.net> * @author Teemu Mattila <ghcsystems@gmail.com> diff --git a/lib/plugins/plugin/lang/hu/admin_plugin.txt b/lib/plugins/plugin/lang/hu/admin_plugin.txt index afa08d349..cf4a3b316 100644 --- a/lib/plugins/plugin/lang/hu/admin_plugin.txt +++ b/lib/plugins/plugin/lang/hu/admin_plugin.txt @@ -1,4 +1,4 @@ ====== Bővítménykezelő ====== -Ezen az oldalon a Dokuwiki [[doku>plugins|bővítményeivel]] kapcsolatos teendőket láthatod el. A webszervernek tudni kell írnia a //plugin// könyvtárat, hogy új bővítményeket tudj ezen a felületen keresztül letölteni és telepíteni. +Ezen az oldalon a Dokuwiki [[doku>plugins|bővítményeivel]] kapcsolatos teendőket láthatod el. A webkiszolgálónak tudnia kell írni a //plugin// könyvtárba az új bővítmények letöltéséhez és telepítéséhez. diff --git a/lib/plugins/plugin/lang/hu/lang.php b/lib/plugins/plugin/lang/hu/lang.php index b8fa2cdbe..7fb237a32 100644 --- a/lib/plugins/plugin/lang/hu/lang.php +++ b/lib/plugins/plugin/lang/hu/lang.php @@ -10,6 +10,7 @@ * @author Sándor TIHANYI <stihanyi+dw@gmail.com> * @author David Szabo <szabo.david@gyumolcstarhely.hu> * @author Marton Sebok <sebokmarton@gmail.com> + * @author Marina Vladi <deldadam@gmail.com> */ $lang['menu'] = 'Bővítménykezelő'; $lang['download'] = 'Új bővítmény letöltése és telepítése'; @@ -20,19 +21,19 @@ $lang['btn_delete'] = 'törlés'; $lang['btn_settings'] = 'beállítások'; $lang['btn_download'] = 'Letöltés'; $lang['btn_enable'] = 'Mentés'; -$lang['url'] = 'Cím'; +$lang['url'] = 'URL-cím'; $lang['installed'] = 'Telepítve:'; $lang['lastupdate'] = 'Utolsó frissítés:'; $lang['source'] = 'Forrás:'; $lang['unknown'] = 'ismeretlen'; $lang['updating'] = 'Frissítés...'; -$lang['updated'] = 'A %s bővítmény frissítése sikeres'; +$lang['updated'] = 'A(z) %s bővítmény frissítése sikeres.'; $lang['updates'] = 'A következő bővítmények frissítése sikeres:'; $lang['update_none'] = 'Nem találtam újabb verziót.'; $lang['deleting'] = 'Törlés...'; -$lang['deleted'] = 'A %s bővítményt eltávolítva.'; +$lang['deleted'] = 'A(z) %s bővítményt eltávolítva.'; $lang['downloading'] = 'Letöltés...'; -$lang['downloaded'] = 'A %s bővítmény telepítése sikeres.'; +$lang['downloaded'] = 'A(z) %s bővítmény telepítése sikeres.'; $lang['downloads'] = 'A következő bővítmények telepítése sikeres.'; $lang['download_none'] = 'Nem találtam bővítményt vagy ismeretlen hiba történt a letöltés/telepítés közben.'; $lang['plugin'] = 'Bővítmény:'; diff --git a/lib/plugins/plugin/lang/id/lang.php b/lib/plugins/plugin/lang/id/lang.php index f3a1fe4e6..2653b075e 100644 --- a/lib/plugins/plugin/lang/id/lang.php +++ b/lib/plugins/plugin/lang/id/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Indonesian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Irwan Butar Butar <irwansah.putra@gmail.com> * @author Yustinus Waruwu <juswaruwu@gmail.com> */ diff --git a/lib/plugins/plugin/lang/ko/lang.php b/lib/plugins/plugin/lang/ko/lang.php index 6ef9cd69a..4cd1ae3c7 100644 --- a/lib/plugins/plugin/lang/ko/lang.php +++ b/lib/plugins/plugin/lang/ko/lang.php @@ -9,6 +9,7 @@ * @author Seung-Chul Yoo <dryoo@live.com> * @author erial2@gmail.com * @author Myeongjin <aranet100@gmail.com> + * @author Garam <rowain8@gmail.com> */ $lang['menu'] = '플러그인 관리'; $lang['download'] = '새 플러그인을 다운로드하고 설치'; diff --git a/lib/plugins/plugin/lang/no/lang.php b/lib/plugins/plugin/lang/no/lang.php index 829d29387..2b890f972 100644 --- a/lib/plugins/plugin/lang/no/lang.php +++ b/lib/plugins/plugin/lang/no/lang.php @@ -1,13 +1,14 @@ <?php + /** - * Norwegianlanguage file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Thomas Nygreen <nygreen@gmail.com> * @author Arild Burud <arildb@met.no> * @author Torkill Bruland <torkar-b@online.no> * @author Rune M. Andersen <rune.andersen@gmail.com> * @author Jakob Vad Nielsen (me@jakobnielsen.net) - * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> + * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> * @author Knut Staring <knutst@gmail.com> * @author Lisa Ditlefsen <lisa@vervesearch.com> * @author Erik Pedersen <erik.pedersen@shaw.ca> diff --git a/lib/plugins/plugin/lang/pl/lang.php b/lib/plugins/plugin/lang/pl/lang.php index faaa69630..eae91f33e 100644 --- a/lib/plugins/plugin/lang/pl/lang.php +++ b/lib/plugins/plugin/lang/pl/lang.php @@ -1,8 +1,8 @@ <?php + /** - * polish language file - * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Michał Tkacz <mehow@autocom.pl> * @author Grzegorz Żur <grzegorz.zur@gmail.com> * @author Mariusz Kujawski <marinespl@gmail.com> diff --git a/lib/plugins/plugin/lang/zh/lang.php b/lib/plugins/plugin/lang/zh/lang.php index f69410503..b39c6b063 100644 --- a/lib/plugins/plugin/lang/zh/lang.php +++ b/lib/plugins/plugin/lang/zh/lang.php @@ -15,6 +15,7 @@ * @author caii, patent agent in China <zhoucaiqi@gmail.com> * @author lainme993@gmail.com * @author Shuo-Ting Jian <shoting@gmail.com> + * @author anjianshi <anjianshi@gmail.com> */ $lang['menu'] = '插件管理器'; $lang['download'] = '下载并安装新的插件'; @@ -26,7 +27,7 @@ $lang['btn_settings'] = '设置'; $lang['btn_download'] = '下载'; $lang['btn_enable'] = '保存'; $lang['url'] = 'URL'; -$lang['installed'] = '已安装:'; +$lang['installed'] = '安装时间:'; $lang['lastupdate'] = '最后更新于:'; $lang['source'] = '来源:'; $lang['unknown'] = '未知'; diff --git a/lib/plugins/popularity/lang/bg/lang.php b/lib/plugins/popularity/lang/bg/lang.php index ba731c0fc..963b50e84 100644 --- a/lib/plugins/popularity/lang/bg/lang.php +++ b/lib/plugins/popularity/lang/bg/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Bulgarian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Viktor Usunov <usun0v@mail.bg> * @author Kiril <neohidra@gmail.com> */ diff --git a/lib/plugins/popularity/lang/fi/lang.php b/lib/plugins/popularity/lang/fi/lang.php index d7c230742..ec0fc4071 100644 --- a/lib/plugins/popularity/lang/fi/lang.php +++ b/lib/plugins/popularity/lang/fi/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Finnish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Otto Vainio <otto@valjakko.net> * @author Teemu Mattila <ghcsystems@gmail.com> * @author Sami Olmari <sami@olmari.fi> diff --git a/lib/plugins/popularity/lang/ko/lang.php b/lib/plugins/popularity/lang/ko/lang.php index f52e0007a..f8cf4525d 100644 --- a/lib/plugins/popularity/lang/ko/lang.php +++ b/lib/plugins/popularity/lang/ko/lang.php @@ -9,6 +9,7 @@ * @author Seung-Chul Yoo <dryoo@live.com> * @author erial2@gmail.com * @author Myeongjin <aranet100@gmail.com> + * @author Garam <rowain8@gmail.com> */ $lang['name'] = '인기도 조사 (불러오는 데 시간이 걸릴 수 있습니다)'; $lang['submit'] = '자료 보내기'; diff --git a/lib/plugins/popularity/lang/no/lang.php b/lib/plugins/popularity/lang/no/lang.php index df38f6e0e..dfa99d824 100644 --- a/lib/plugins/popularity/lang/no/lang.php +++ b/lib/plugins/popularity/lang/no/lang.php @@ -1,10 +1,11 @@ <?php + /** - * Norwegian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Rune M. Andersen <rune.andersen@gmail.com> * @author Jakob Vad Nielsen (me@jakobnielsen.net) - * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> + * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> * @author Knut Staring <knutst@gmail.com> * @author Lisa Ditlefsen <lisa@vervesearch.com> * @author Erik Pedersen <erik.pedersen@shaw.ca> diff --git a/lib/plugins/popularity/lang/pl/lang.php b/lib/plugins/popularity/lang/pl/lang.php index 76a9464bd..045574a69 100644 --- a/lib/plugins/popularity/lang/pl/lang.php +++ b/lib/plugins/popularity/lang/pl/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Polish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Grzegorz Żur <grzegorz.zur@gmail.com> * @author Mariusz Kujawski <marinespl@gmail.com> * @author Maciej Kurczewski <pipijajko@gmail.com> diff --git a/lib/plugins/revert/lang/ar/lang.php b/lib/plugins/revert/lang/ar/lang.php index 27de54f16..71f411c52 100644 --- a/lib/plugins/revert/lang/ar/lang.php +++ b/lib/plugins/revert/lang/ar/lang.php @@ -7,6 +7,7 @@ * @author Usama Akkad <uahello@gmail.com> * @author uahello@gmail.com * @author Ahmad Abd-Elghany <tolpa1@gmail.com> + * @author alhajr <alhajr300@gmail.com> */ $lang['menu'] = 'مدير الاسترجاع'; $lang['filter'] = 'ابحث في الصفحات المتأذاة'; diff --git a/lib/plugins/revert/lang/bg/lang.php b/lib/plugins/revert/lang/bg/lang.php index 0819de01a..5062a12ad 100644 --- a/lib/plugins/revert/lang/bg/lang.php +++ b/lib/plugins/revert/lang/bg/lang.php @@ -1,6 +1,8 @@ <?php + /** - * bulgarian language file + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Nikolay Vladimirov <nikolay@vladimiroff.com> * @author Viktor Usunov <usun0v@mail.bg> * @author Kiril <neohidra@gmail.com> diff --git a/lib/plugins/revert/lang/fi/lang.php b/lib/plugins/revert/lang/fi/lang.php index fdf9bb81c..d14f527f9 100644 --- a/lib/plugins/revert/lang/fi/lang.php +++ b/lib/plugins/revert/lang/fi/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Finnish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author otto@valjakko.net * @author Otto Vainio <otto@valjakko.net> * @author Teemu Mattila <ghcsystems@gmail.com> diff --git a/lib/plugins/revert/lang/hu/lang.php b/lib/plugins/revert/lang/hu/lang.php index d16764a35..278af1864 100644 --- a/lib/plugins/revert/lang/hu/lang.php +++ b/lib/plugins/revert/lang/hu/lang.php @@ -10,9 +10,10 @@ * @author Sándor TIHANYI <stihanyi+dw@gmail.com> * @author David Szabo <szabo.david@gyumolcstarhely.hu> * @author Marton Sebok <sebokmarton@gmail.com> + * @author Marina Vladi <deldadam@gmail.com> */ -$lang['menu'] = 'Visszaállítás kezelő (anti-SPAM)'; -$lang['filter'] = 'SPAM tartalmú oldalak keresése'; +$lang['menu'] = 'Visszaállítás-kezelő (anti-SPAM)'; +$lang['filter'] = 'SPAM-tartalmú oldalak keresése'; $lang['revert'] = 'Kiválasztott oldalak visszaállítása'; $lang['reverted'] = '%s a következő változatra lett visszaállítva: %s'; $lang['removed'] = '%s törölve'; diff --git a/lib/plugins/revert/lang/ko/intro.txt b/lib/plugins/revert/lang/ko/intro.txt index 7aa618ba6..565aa4bbe 100644 --- a/lib/plugins/revert/lang/ko/intro.txt +++ b/lib/plugins/revert/lang/ko/intro.txt @@ -1,3 +1,3 @@ ====== 되돌리기 관리자 ====== -스팸 공격으로부터 자동으로 되돌리는데 이 페이지가 도움이 될 수 있습니다. 스팸 공격받은 문서 목록을 찾으려면 문자열을 입력하고(예를 들어 스팸 URL) 나서 찾은 문서가 스팸 공격을 받았는지 확인하고 되돌리세요.
\ No newline at end of file +스팸 공격으로부터 자동으로 되돌리는데 이 페이지가 도움이 될 수 있습니다. 스팸에 공격 받은 문서 목록을 찾으려면 검색어를 입력하고(예를 들어 스팸 URL) 나서 찾은 문서가 스팸 공격을 받았는지 확인하고 되돌리세요.
\ No newline at end of file diff --git a/lib/plugins/revert/lang/ko/lang.php b/lib/plugins/revert/lang/ko/lang.php index e63706960..5666100e9 100644 --- a/lib/plugins/revert/lang/ko/lang.php +++ b/lib/plugins/revert/lang/ko/lang.php @@ -11,7 +11,7 @@ * @author Myeongjin <aranet100@gmail.com> */ $lang['menu'] = '되돌리기 관리자'; -$lang['filter'] = '스팸 문서 찾기'; +$lang['filter'] = '스팸 문서 검색'; $lang['revert'] = '선택한 문서 되돌리기'; $lang['reverted'] = '%s 판을 %s 판으로 되돌림'; $lang['removed'] = '%s 제거됨'; diff --git a/lib/plugins/revert/lang/no/lang.php b/lib/plugins/revert/lang/no/lang.php index 299b12ea7..c58300dc0 100644 --- a/lib/plugins/revert/lang/no/lang.php +++ b/lib/plugins/revert/lang/no/lang.php @@ -1,13 +1,14 @@ <?php + /** - * Norwegianlanguage file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Thomas Nygreen <nygreen@gmail.com> * @author Arild Burud <arildb@met.no> * @author Torkill Bruland <torkar-b@online.no> * @author Rune M. Andersen <rune.andersen@gmail.com> * @author Jakob Vad Nielsen (me@jakobnielsen.net) - * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> + * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> * @author Knut Staring <knutst@gmail.com> * @author Lisa Ditlefsen <lisa@vervesearch.com> * @author Erik Pedersen <erik.pedersen@shaw.ca> @@ -15,6 +16,8 @@ * @author Rune Rasmussen syntaxerror.no@gmail.com * @author Jon Bøe <jonmagneboe@hotmail.com> * @author Egil Hansen <egil@rosetta.no> + * @author Thomas Juberg <Thomas.Juberg@Gmail.com> + * @author Boris <boris@newton-media.no> */ $lang['menu'] = 'Tilbakestillingsbehandler'; $lang['filter'] = 'Søk etter søppelmeldinger'; diff --git a/lib/plugins/revert/lang/pl/lang.php b/lib/plugins/revert/lang/pl/lang.php index 462841292..d2d53b87e 100644 --- a/lib/plugins/revert/lang/pl/lang.php +++ b/lib/plugins/revert/lang/pl/lang.php @@ -1,6 +1,8 @@ <?php + /** - * polish language file + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Grzegorz Żur <grzegorz.zur@gmail.com> * @author Mariusz Kujawski <marinespl@gmail.com> * @author Maciej Kurczewski <pipijajko@gmail.com> diff --git a/lib/plugins/revert/lang/sv/lang.php b/lib/plugins/revert/lang/sv/lang.php index c30f82d93..e605a17d4 100644 --- a/lib/plugins/revert/lang/sv/lang.php +++ b/lib/plugins/revert/lang/sv/lang.php @@ -18,6 +18,7 @@ * @author Smorkster Andersson smorkster@gmail.com * @author Henrik <henrik@idealis.se> * @author Tor Härnqvist <tor.harnqvist@gmail.com> + * @author Hans Iwan Bratt <hibratt@gmail.com> */ $lang['menu'] = 'Hantera återställningar'; $lang['filter'] = 'Sök efter spamsidor'; diff --git a/lib/plugins/usermanager/_test/csv_export.test.php b/lib/plugins/usermanager/_test/csv_export.test.php new file mode 100644 index 000000000..667fc71dc --- /dev/null +++ b/lib/plugins/usermanager/_test/csv_export.test.php @@ -0,0 +1,59 @@ +<?php + +/** + * @group plugin_usermanager + * @group admin_plugins + * @group plugins + * @group bundled_plugins + */ +require_once(dirname(__FILE__).'/mocks.class.php'); + +class plugin_usermanager_csv_export_test extends DokuWikiTest { + + protected $usermanager; + + function setUp() { + $this->usermanager = new admin_mock_usermanager(); + parent::setUp(); + } + + /** + * based on standard test user/conf setup + * + * users per _test/conf/users.auth.php + * expected to be: testuser:179ad45c6ce2cb97cf1029e212046e81:Arthur Dent:arthur@example.com + */ + function test_export() { + $expected = 'User,"Real Name",Email,Groups +testuser,"Arthur Dent",arthur@example.com, +'; + $this->assertEquals($expected, $this->usermanager->tryExport()); + } + + /** + * when configured to use a different locale, the column headings in the first line of the + * exported csv data should reflect the langauge strings of that locale + */ + function test_export_withlocale(){ + global $conf; + $old_conf = $conf; + $conf['lang'] = 'de'; + + $this->usermanager->localised = false; + $this->usermanager->setupLocale(); + + $conf = $old_conf; + + $expected = 'Benutzername,"Voller Name",E-Mail,Gruppen +testuser,"Arthur Dent",arthur@example.com, +'; + $this->assertEquals($expected, $this->usermanager->tryExport()); + } +/* + function test_export_withfilter(){ + $this->markTestIncomplete( + 'This test has not been implemented yet.' + ); + } +*/ +} diff --git a/lib/plugins/usermanager/_test/csv_import.test.php b/lib/plugins/usermanager/_test/csv_import.test.php new file mode 100644 index 000000000..3968356bc --- /dev/null +++ b/lib/plugins/usermanager/_test/csv_import.test.php @@ -0,0 +1,185 @@ +<?php + +/** + * @group plugin_usermanager + * @group admin_plugins + * @group plugins + * @group bundled_plugins + */ + +require_once(dirname(__FILE__).'/mocks.class.php'); + +/** + * !!!!! NOTE !!!!! + * + * At present, users imported in individual tests remain in the user list for subsequent tests + */ +class plugin_usermanager_csv_import_test extends DokuWikiTest { + + private $old_files; + protected $usermanager; + protected $importfile; + + function setUp() { + $this->importfile = tempnam(TMP_DIR, 'csv'); + + $this->old_files = $_FILES; + $_FILES = array( + 'import' => array( + 'name' => 'import.csv', + 'tmp_name' => $this->importfile, + 'type' => 'text/plain', + 'size' => 1, + 'error' => 0, + ), + ); + + $this->usermanager = new admin_mock_usermanager(); + parent::setUp(); + } + + function tearDown() { + $_FILES = $this->old_files; + parent::tearDown(); + } + + function doImportTest($importCsv, $expectedResult, $expectedNewUsers, $expectedFailures) { + global $auth; + $before_users = $auth->retrieveUsers(); + + io_savefile($this->importfile, $importCsv); + $result = $this->usermanager->tryImport(); + + $after_users = $auth->retrieveUsers(); + $import_count = count($after_users) - count($before_users); + $new_users = array_diff_key($after_users, $before_users); + $diff_users = array_diff_assoc($after_users, $before_users); + + $expectedCount = count($expectedNewUsers); + + $this->assertEquals($expectedResult, $result); // import result as expected + $this->assertEquals($expectedCount, $import_count); // number of new users matches expected number imported + $this->assertEquals($expectedNewUsers, $this->stripPasswords($new_users)); // new user data matches imported user data + $this->assertEquals($expectedCount, $this->countPasswords($new_users)); // new users have a password + $this->assertEquals($expectedCount, $this->usermanager->mock_email_notifications_sent); // new users notified of their passwords + $this->assertEquals($new_users, $diff_users); // no other users were harmed in the testing of this import + $this->assertEquals($expectedFailures, $this->usermanager->getImportFailures()); // failures as expected + } + + function test_cantImport(){ + global $auth; + $oldauth = $auth; + + $auth = new auth_mock_authplain(); + $auth->setCanDo('addUser', false); + + $csv = 'User,"Real Name",Email,Groups +importuser,"Ford Prefect",ford@example.com,user +'; + + $this->doImportTest($csv, false, array(), array()); + + $auth = $oldauth; + } + + function test_import() { + $csv = 'User,"Real Name",Email,Groups +importuser,"Ford Prefect",ford@example.com,user +'; + $expected = array( + 'importuser' => array( + 'name' => 'Ford Prefect', + 'mail' => 'ford@example.com', + 'grps' => array('user'), + ), + ); + + $this->doImportTest($csv, true, $expected, array()); + } + + function test_importExisting() { + $csv = 'User,"Real Name",Email,Groups +importuser,"Ford Prefect",ford@example.com,user +'; + $failures = array( + '2' => array( + 'error' => $this->usermanager->lang['import_error_create'], + 'user' => array( + 'importuser', + 'Ford Prefect', + 'ford@example.com', + 'user', + ), + 'orig' => 'importuser,"Ford Prefect",ford@example.com,user'.NL, + ), + ); + + $this->doImportTest($csv, true, array(), $failures); + } + + function test_importUtf8() { + $csv = 'User,"Real Name",Email,Groups +importutf8,"Førd Prefect",ford@example.com,user +'; + $expected = array( + 'importutf8' => array( + 'name' => 'Førd Prefect', + 'mail' => 'ford@example.com', + 'grps' => array('user'), + ), + ); + + $this->doImportTest($csv, true, $expected, array()); + } + + /** + * utf8: u+00F8 (ø) <=> 0xF8 :iso-8859-1 + */ + function test_importIso8859() { + $csv = 'User,"Real Name",Email,Groups +importiso8859,"F'.chr(0xF8).'rd Prefect",ford@example.com,user +'; + $expected = array( + 'importiso8859' => array( + 'name' => 'Førd Prefect', + 'mail' => 'ford@example.com', + 'grps' => array('user'), + ), + ); + + $this->doImportTest($csv, true, $expected, array()); + } + + /** + * Verify usermanager::str_getcsv() behaves identically to php 5.3's str_getcsv() + * within the context/parameters required by _import() + * + * @requires PHP 5.3 + * @deprecated remove when dokuwiki requires 5.3+ + * also associated usermanager & mock usermanager access methods + */ + function test_getcsvcompatibility() { + $line = 'importuser,"Ford Prefect",ford@example.com,user'.NL; + + $this->assertEquals(str_getcsv($line), $this->usermanager->access_str_getcsv($line)); + } + + private function stripPasswords($array){ + foreach ($array as $user => $data) { + unset($array[$user]['pass']); + } + return $array; + } + + private function countPasswords($array){ + $count = 0; + foreach ($array as $user => $data) { + if (!empty($data['pass'])) { + $count++; + } + } + return $count; + } + +} + diff --git a/lib/plugins/usermanager/_test/mocks.class.php b/lib/plugins/usermanager/_test/mocks.class.php new file mode 100644 index 000000000..91c74768c --- /dev/null +++ b/lib/plugins/usermanager/_test/mocks.class.php @@ -0,0 +1,58 @@ +<?php + +/** + * test wrapper to allow access to private/protected functions/properties + * + * NB: for plugin introspection methods, getPluginType() & getPluginName() to work + * this class name needs to start "admin_" and end "_usermanager". Internally + * these methods are used in setting up the class, e.g. for language strings + */ +class admin_mock_usermanager extends admin_plugin_usermanager { + + public $mock_email_notifications = true; + public $mock_email_notifications_sent = 0; + + public function getImportFailures() { + return $this->_import_failures; + } + + public function tryExport() { + ob_start(); + $this->_export(); + return ob_get_clean(); + } + + public function tryImport() { + return $this->_import(); + } + + /** + * @deprecated remove when dokuwiki requires php 5.3+ + * also associated unit test & usermanager methods + */ + public function access_str_getcsv($line){ + return $this->str_getcsv($line); + } + + // no need to send email notifications (mostly) + protected function _notifyUser($user, $password, $status_alert=true) { + if ($this->mock_email_notifications) { + $this->mock_email_notifications_sent++; + return true; + } else { + return parent::_notifyUser($user, $password, $status_alert); + } + } + + protected function _isUploadedFile($file) { + return file_exists($file); + } +} + +class auth_mock_authplain extends auth_plugin_authplain { + + public function setCanDo($op, $canDo) { + $this->cando[$op] = $canDo; + } + +} diff --git a/lib/plugins/usermanager/admin.php b/lib/plugins/usermanager/admin.php index c4d71cb22..156037f09 100644 --- a/lib/plugins/usermanager/admin.php +++ b/lib/plugins/usermanager/admin.php @@ -814,6 +814,8 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { fputcsv($fd, $line); } fclose($fd); + if (defined('DOKU_UNITTEST')){ return; } + die; } @@ -822,7 +824,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { * * csv file should have 4 columns, user_id, full name, email, groups (comma separated) * - * @return bool whether succesful + * @return bool whether successful */ protected function _import() { // check we are allowed to add users @@ -830,7 +832,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { if (!$this->_auth->canDo('addUser')) return false; // check file uploaded ok. - if (empty($_FILES['import']['size']) || !empty($FILES['import']['error']) && is_uploaded_file($FILES['import']['tmp_name'])) { + if (empty($_FILES['import']['size']) || !empty($_FILES['import']['error']) && $this->_isUploadedFile($_FILES['import']['tmp_name'])) { msg($this->lang['import_error_upload'],-1); return false; } @@ -845,7 +847,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { if (!utf8_check($csv)) { $csv = utf8_encode($csv); } - $raw = str_getcsv($csv); + $raw = $this->_getcsv($csv); $error = ''; // clean out any errors from the previous line // data checks... if (1 == ++$line) { @@ -867,6 +869,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { $import_success_count++; } else { $import_fail_count++; + array_splice($raw, 1, 1); // remove the spliced in password $this->_import_failures[$line] = array('error' => $error, 'user' => $raw, 'orig' => $csv); } } @@ -940,7 +943,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { * * @param array $user data of user * @param string &$error reference catched error message - * @return bool whether succesful + * @return bool whether successful */ protected function _addImportUser($user, & $error){ if (!$this->_auth->triggerUserMod('create', $user)) { @@ -973,4 +976,37 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { die; } + /** + * wrapper for is_uploaded_file to facilitate overriding by test suite + */ + protected function _isUploadedFile($file) { + return is_uploaded_file($file); + } + + /** + * wrapper for str_getcsv() to simplify maintaining compatibility with php 5.2 + * + * @deprecated remove when dokuwiki php requirement increases to 5.3+ + * also associated unit test & mock access method + */ + protected function _getcsv($csv) { + return function_exists('str_getcsv') ? str_getcsv($csv) : $this->str_getcsv($csv); + } + + /** + * replacement str_getcsv() function for php < 5.3 + * loosely based on www.php.net/str_getcsv#88311 + * + * @deprecated remove when dokuwiki php requirement increases to 5.3+ + */ + protected function str_getcsv($str) { + $fp = fopen("php://temp/maxmemory:1048576", 'r+'); // 1MiB + fputs($fp, $str); + rewind($fp); + + $data = fgetcsv($fp); + + fclose($fp); + return $data; + } } diff --git a/lib/plugins/usermanager/lang/bg/lang.php b/lib/plugins/usermanager/lang/bg/lang.php index 9ed27f42a..9700385f8 100644 --- a/lib/plugins/usermanager/lang/bg/lang.php +++ b/lib/plugins/usermanager/lang/bg/lang.php @@ -1,7 +1,8 @@ <?php + /** - * bulgarian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Nikolay Vladimirov <nikolay@vladimiroff.com> * @author Viktor Usunov <usun0v@mail.bg> * @author Kiril <neohidra@gmail.com> diff --git a/lib/plugins/usermanager/lang/da/lang.php b/lib/plugins/usermanager/lang/da/lang.php index 6b615b51d..47d7efea2 100644 --- a/lib/plugins/usermanager/lang/da/lang.php +++ b/lib/plugins/usermanager/lang/da/lang.php @@ -12,6 +12,7 @@ * @author rasmus@kinnerup.com * @author Michael Pedersen subben@gmail.com * @author Mikael Lyngvig <mikael@lyngvig.org> + * @author soer9648 <soer9648@eucl.dk> */ $lang['menu'] = 'Brugerstyring'; $lang['noauth'] = '(Brugervalidering er ikke tilgængelig)'; @@ -34,6 +35,11 @@ $lang['search'] = 'Søg'; $lang['search_prompt'] = 'Udfør søgning'; $lang['clear'] = 'Nulstil søgefilter'; $lang['filter'] = 'Filter'; +$lang['export_all'] = 'Eksportér Alle Brugere (CSV)'; +$lang['export_filtered'] = 'Eksportér Filtrerede Brugerliste (CSV)'; +$lang['import'] = 'Importér Nye Brugere'; +$lang['line'] = 'Linje nr.'; +$lang['error'] = 'Fejlmeddelelse'; $lang['summary'] = 'Viser brugerne %1$d-%2$d ud af %3$d fundne. %4$d brugere totalt.'; $lang['nonefound'] = 'Ingen brugere fundet. %d brugere totalt.'; $lang['delete_ok'] = '%d brugere slettet'; @@ -54,3 +60,15 @@ $lang['add_ok'] = 'Bruger tilføjet uden fejl.'; $lang['add_fail'] = 'Tilføjelse af bruger mislykkedes'; $lang['notify_ok'] = 'Meddelelse sendt'; $lang['notify_fail'] = 'Meddelelse kunne ikke sendes'; +$lang['import_userlistcsv'] = 'Brugerlistefil (CSV):'; +$lang['import_header'] = 'Nyeste Import - Fejl'; +$lang['import_success_count'] = 'Bruger-Import: %d brugere fundet, %d importeret med succes.'; +$lang['import_failure_count'] = 'Bruger-Import: %d fejlet. Fejl er listet nedenfor.'; +$lang['import_error_fields'] = 'Utilstrækkelige felter, fandt %d, påkrævet 4.'; +$lang['import_error_baduserid'] = 'Bruger-id mangler'; +$lang['import_error_badname'] = 'Ugyldigt navn'; +$lang['import_error_badmail'] = 'Ugyldig email-adresse'; +$lang['import_error_upload'] = 'Import Fejlet. CSV-filen kunne ikke uploades eller er tom.'; +$lang['import_error_readfail'] = 'Import Fejlet. Ikke muligt at læse uploadede fil.'; +$lang['import_error_create'] = 'Ikke muligt at oprette brugeren'; +$lang['import_notify_fail'] = 'Notifikationsmeddelelse kunne ikke sendes for importerede bruger %s, med emailen %s.'; diff --git a/lib/plugins/usermanager/lang/de/lang.php b/lib/plugins/usermanager/lang/de/lang.php index 21be74f71..4b297b0dc 100644 --- a/lib/plugins/usermanager/lang/de/lang.php +++ b/lib/plugins/usermanager/lang/de/lang.php @@ -20,6 +20,8 @@ * @author Matthias Schulte <dokuwiki@lupo49.de> * @author Sven <Svenluecke48@gmx.d> * @author christian studer <cstuder@existenz.ch> + * @author Ben Fey <benedikt.fey@beck-heun.de> + * @author Jonas Gröger <jonas.groeger@gmail.com> */ $lang['menu'] = 'Benutzerverwaltung'; $lang['noauth'] = '(Authentifizierungssystem nicht verfügbar)'; @@ -67,6 +69,8 @@ $lang['add_ok'] = 'Nutzer erfolgreich angelegt'; $lang['add_fail'] = 'Nutzer konnte nicht angelegt werden'; $lang['notify_ok'] = 'Benachrichtigungsmail wurde versandt'; $lang['notify_fail'] = 'Benachrichtigungsmail konnte nicht versandt werden'; +$lang['import_userlistcsv'] = 'Benutzerliste (CSV-Datei):'; +$lang['import_header'] = 'Letzte Fehler bei Import'; $lang['import_success_count'] = 'User-Import: %d User gefunden, %d erfolgreich importiert.'; $lang['import_failure_count'] = 'User-Import: %d fehlgeschlagen. Fehlgeschlagene User sind nachfolgend aufgelistet.'; $lang['import_error_fields'] = 'Unzureichende Anzahl an Feldern: %d gefunden, benötigt sind 4.'; @@ -77,3 +81,4 @@ $lang['import_error_upload'] = 'Import fehlgeschlagen. Die CSV-Datei konnte ni $lang['import_error_readfail'] = 'Import fehlgeschlagen. Die hochgeladene Datei konnte nicht gelesen werden.'; $lang['import_error_create'] = 'User konnte nicht angelegt werden'; $lang['import_notify_fail'] = 'Notifikation konnte nicht an den importierten Benutzer %s (E-Mail: %s) gesendet werden.'; +$lang['import_downloadfailures'] = 'Fehler als CSV-Datei zur Korrektur herunterladen'; diff --git a/lib/plugins/usermanager/lang/fi/lang.php b/lib/plugins/usermanager/lang/fi/lang.php index 1db4bd7fb..de243133a 100644 --- a/lib/plugins/usermanager/lang/fi/lang.php +++ b/lib/plugins/usermanager/lang/fi/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Finnish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author otto@valjakko.net * @author Otto Vainio <otto@valjakko.net> * @author Teemu Mattila <ghcsystems@gmail.com> diff --git a/lib/plugins/usermanager/lang/fr/lang.php b/lib/plugins/usermanager/lang/fr/lang.php index 7c24ef900..dd0e64fc4 100644 --- a/lib/plugins/usermanager/lang/fr/lang.php +++ b/lib/plugins/usermanager/lang/fr/lang.php @@ -23,6 +23,7 @@ * @author Bruno Veilleux <bruno.vey@gmail.com> * @author Antoine Turmel <geekshadow@gmail.com> * @author schplurtz <Schplurtz@laposte.net> + * @author Jérôme Brandt <jeromebrandt@gmail.com> */ $lang['menu'] = 'Gestion des utilisateurs'; $lang['noauth'] = '(authentification de l\'utilisateur non disponible)'; @@ -70,6 +71,8 @@ $lang['add_ok'] = 'Utilisateur ajouté avec succès'; $lang['add_fail'] = 'Échec de l\'ajout de l\'utilisateur'; $lang['notify_ok'] = 'Courriel de notification expédié'; $lang['notify_fail'] = 'Échec de l\'expédition du courriel de notification'; +$lang['import_userlistcsv'] = 'Liste utilisateur (fichier CSV)'; +$lang['import_header'] = 'Erreurs d\'import les plus récentes'; $lang['import_success_count'] = 'Import d’utilisateurs : %d utilisateurs trouvés, %d utilisateurs importés avec succès.'; $lang['import_failure_count'] = 'Import d\'utilisateurs : %d ont échoué. Les erreurs sont listées ci-dessous.'; $lang['import_error_fields'] = 'Nombre de champs insuffisant, %d trouvé, 4 requis.'; @@ -80,3 +83,4 @@ $lang['import_error_upload'] = 'L\'import a échoué. Le fichier csv n\'a pas $lang['import_error_readfail'] = 'L\'import a échoué. Impossible de lire le fichier téléchargé.'; $lang['import_error_create'] = 'Impossible de créer l\'utilisateur'; $lang['import_notify_fail'] = 'Impossible d\'expédier une notification à l\'utilisateur importé %s, adresse %s.'; +$lang['import_downloadfailures'] = 'Télécharger les erreurs au format CSV pour correction'; diff --git a/lib/plugins/usermanager/lang/hu/import.txt b/lib/plugins/usermanager/lang/hu/import.txt index 5a4bc8b1c..f204f6a1e 100644 --- a/lib/plugins/usermanager/lang/hu/import.txt +++ b/lib/plugins/usermanager/lang/hu/import.txt @@ -1,9 +1,9 @@ ==== Felhasználók tömeges importálása ==== -Egy, legalább 4 oszlopot tartalmazó, felhasználóikat tartalmazó fájl szükséges hozzá. -Az oszlopok kötelező tartalma, megfelelő sorrendben: felhasználói azonosító, teljes név, e-mailcím és csoportjai. -A CSV mezőit vesszővel (,) kell elválasztani, a szövegeket idézőjelek ("") közé kell foglalni. -Mintafájl megtekintéséhez próbáld ki a fenti, "Felhasználók exportálása" funkciót. A fordított törtvonallal (\) lehet kilépni. -Megegyező felhasználói azonosítók esetén, nem kerülnek feldolgozásra. +Szükséges egy legalább 4 oszlopot tartalmazó, felhasználókat tartalmazó fájl. +Az oszlopok kötelező tartalma, sorrendben: felhasználói azonosító, teljes név, e-mailcím és csoport. +A CSV-mezőket vesszővel (,) kell elválasztani, a szövegeket idézőjelek ("") közé kell tenni. A fordított törtvonal (\) használható feloldójelnek. +Megfelelő mintafájl megtekintéséhez próbáld ki a "Felhasználók exportálása" funkciót fentebb. +A duplán szereplő felhasználói azonosítók kihagyásra kerülnek. -Minden sikeresen importált felhasználó kap egy e-mailt, amiben megtalálja a generált jelszavát.
\ No newline at end of file +Minden sikeresen importált felhasználó számára jelszó készül, amelyet e-mailben kézhez kap.
\ No newline at end of file diff --git a/lib/plugins/usermanager/lang/hu/lang.php b/lib/plugins/usermanager/lang/hu/lang.php index dd76bfd50..963fcd1fc 100644 --- a/lib/plugins/usermanager/lang/hu/lang.php +++ b/lib/plugins/usermanager/lang/hu/lang.php @@ -11,6 +11,7 @@ * @author David Szabo <szabo.david@gyumolcstarhely.hu> * @author Marton Sebok <sebokmarton@gmail.com> * @author Serenity87HUN <anikototh87@gmail.com> + * @author Marina Vladi <deldadam@gmail.com> */ $lang['menu'] = 'Felhasználók kezelése'; $lang['noauth'] = '(A felhasználói azonosítás nem működik.)'; @@ -58,14 +59,14 @@ $lang['add_ok'] = 'A felhasználó sikeresen hozzáadva.'; $lang['add_fail'] = 'A felhasználó hozzáadása nem sikerült.'; $lang['notify_ok'] = 'Értesítő levél elküldve.'; $lang['notify_fail'] = 'Nem sikerült az értesítő levelet elküldeni.'; -$lang['import_userlistcsv'] = 'Felhasználók listája fájl (CSV)'; +$lang['import_userlistcsv'] = 'Felhasználók listájának fájlja (CSV)'; $lang['import_header'] = 'Legutóbbi importálás - Hibák'; $lang['import_success_count'] = 'Felhasználók importálása: %d felhasználót találtunk, ebből %d sikeresen importálva.'; $lang['import_failure_count'] = 'Felhasználók importálása: %d sikertelen. A sikertelenség okait lejjebb találod.'; $lang['import_error_fields'] = 'Túl kevés mezőt adtál meg, %d darabot találtunk, legalább 4-re van szükség.'; $lang['import_error_baduserid'] = 'Felhasználói azonosító hiányzik'; -$lang['import_error_badname'] = 'Nem megfelelő név'; -$lang['import_error_badmail'] = 'Nem megfelelő e-mailcím'; +$lang['import_error_badname'] = 'Helytelen név'; +$lang['import_error_badmail'] = 'Helytelen e-mailcím'; $lang['import_error_upload'] = 'Sikertelen importálás. A csv fájl nem feltölthető vagy üres.'; $lang['import_error_readfail'] = 'Sikertelen importálás. A feltöltött fájl nem olvasható.'; $lang['import_error_create'] = 'Ez a felhasználó nem hozható létre'; diff --git a/lib/plugins/usermanager/lang/id/lang.php b/lib/plugins/usermanager/lang/id/lang.php index 457ad4963..425b2ff59 100644 --- a/lib/plugins/usermanager/lang/id/lang.php +++ b/lib/plugins/usermanager/lang/id/lang.php @@ -1,7 +1,8 @@ <?php + /** - * Indonesian language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Irwan Butar Butar <irwansah.putra@gmail.com> * @author Yustinus Waruwu <juswaruwu@gmail.com> */ diff --git a/lib/plugins/usermanager/lang/it/lang.php b/lib/plugins/usermanager/lang/it/lang.php index dfacc6545..6c6789442 100644 --- a/lib/plugins/usermanager/lang/it/lang.php +++ b/lib/plugins/usermanager/lang/it/lang.php @@ -15,6 +15,7 @@ * @author Jacopo Corbetta <jacopo.corbetta@gmail.com> * @author Matteo Pasotti <matteo@xquiet.eu> * @author snarchio@gmail.com + * @author Claudio Lanconelli <lancos@libero.it> */ $lang['menu'] = 'Gestione Utenti'; $lang['noauth'] = '(autenticazione non disponibile)'; @@ -37,6 +38,8 @@ $lang['search'] = 'Cerca'; $lang['search_prompt'] = 'Esegui ricerca'; $lang['clear'] = 'Azzera filtro di ricerca'; $lang['filter'] = 'Filtro'; +$lang['export_all'] = 'Esporta tutti gli utenti (CSV)'; +$lang['export_filtered'] = 'Esporta elenco utenti filtrati (CSV)'; $lang['summary'] = 'Visualizzazione utenti %1$d-%2$d di %3$d trovati. %4$d utenti totali.'; $lang['nonefound'] = 'Nessun utente trovato. %d utenti totali.'; $lang['delete_ok'] = '%d utenti eliminati'; diff --git a/lib/plugins/usermanager/lang/ja/import.txt b/lib/plugins/usermanager/lang/ja/import.txt index d4f7d08bf..751e515ac 100644 --- a/lib/plugins/usermanager/lang/ja/import.txt +++ b/lib/plugins/usermanager/lang/ja/import.txt @@ -4,7 +4,7 @@ 列の順序:ユーザーID、氏名、電子メールアドレス、グループ。 CSVフィールドはカンマ(,)区切り、文字列は引用符("")区切りです。 エスケープにバックスラッシュ(\)を使用できます。 -適切なファイル例は、上記の"エクスポートユーザー"機能で試して下さい。 +適切なファイル例は、上記の"エクスポートユーザー"機能で試して下さい。 重複するユーザーIDは無視されます。 正常にインポートされたユーザー毎に、パスワードを作成し、電子メールで送付します。
\ No newline at end of file diff --git a/lib/plugins/usermanager/lang/ja/lang.php b/lib/plugins/usermanager/lang/ja/lang.php index 0830416f3..23109f2a2 100644 --- a/lib/plugins/usermanager/lang/ja/lang.php +++ b/lib/plugins/usermanager/lang/ja/lang.php @@ -54,7 +54,7 @@ $lang['edit_usermissing'] = '選択したユーザーは見つかりませ $lang['user_notify'] = 'ユーザーに通知する'; $lang['note_notify'] = '通知メールは、ユーザーに新たなパスワードが設定された場合のみ送信されます。'; $lang['note_group'] = 'グループを指定しない場合は、既定のグループ(%s)に配属されます。'; -$lang['note_pass'] = 'パスワードを空欄とした場合は、(”ユーザーに通知する”がチェックされていなくとも)自動生成したパスワードの通知がユーザー宛てに送信されます。'; +$lang['note_pass'] = '”ユーザーに通知する”をチェックしてパスワードを空欄にすると、パスワードは自動生成されます。'; $lang['add_ok'] = 'ユーザーを登録しました'; $lang['add_fail'] = 'ユーザーの登録に失敗しました'; $lang['notify_ok'] = '通知メールを送信しました'; diff --git a/lib/plugins/usermanager/lang/ko/lang.php b/lib/plugins/usermanager/lang/ko/lang.php index 1905fadc2..ac129c95e 100644 --- a/lib/plugins/usermanager/lang/ko/lang.php +++ b/lib/plugins/usermanager/lang/ko/lang.php @@ -10,6 +10,7 @@ * @author erial2@gmail.com * @author Myeongjin <aranet100@gmail.com> * @author Gerrit Uitslag <klapinklapin@gmail.com> + * @author Garam <rowain8@gmail.com> */ $lang['menu'] = '사용자 관리자'; $lang['noauth'] = '(사용자 인증이 불가능합니다)'; @@ -28,9 +29,9 @@ $lang['delete_selected'] = '선택 삭제'; $lang['edit'] = '편집'; $lang['edit_prompt'] = '이 사용자 편집'; $lang['modify'] = '바뀜 저장'; -$lang['search'] = '찾기'; -$lang['search_prompt'] = '찾기 실행'; -$lang['clear'] = '찾기 필터 재설정'; +$lang['search'] = '검색'; +$lang['search_prompt'] = '검색 수행'; +$lang['clear'] = '검색 필터 재설정'; $lang['filter'] = '필터'; $lang['export_all'] = '모든 사용자 목록 내보내기 (CSV)'; $lang['export_filtered'] = '필터된 사용자 목록 내보내기 (CSV)'; @@ -52,7 +53,7 @@ $lang['edit_usermissing'] = '선택된 사용자를 찾을 수 없습니다 $lang['user_notify'] = '사용자에게 알림'; $lang['note_notify'] = '사용자에게 새로운 비밀번호를 준 경우에만 알림 이메일이 보내집니다.'; $lang['note_group'] = '새로운 사용자는 어떤 그룹도 설정하지 않은 경우에 기본 그룹(%s)에 추가됩니다.'; -$lang['note_pass'] = '사용자 통지가 지정되어 있을 때 필드에 아무 값도 입력하지 않으면 비밀번호가 자동으로 만들어집니다.'; +$lang['note_pass'] = '사용자 알림이 지정되어 있을 때 필드에 아무 값도 입력하지 않으면 비밀번호가 자동으로 만들어집니다.'; $lang['add_ok'] = '사용자를 성공적으로 추가했습니다'; $lang['add_fail'] = '사용자 추가를 실패했습니다'; $lang['notify_ok'] = '알림 이메일을 성공적으로 보냈습니다'; @@ -68,5 +69,5 @@ $lang['import_error_badmail'] = '잘못된 이메일 주소'; $lang['import_error_upload'] = '가져오기를 실패했습니다. csv 파일을 올릴 수 없거나 비어 있습니다.'; $lang['import_error_readfail'] = '가져오기를 실패했습니다. 올린 파일을 읽을 수 없습니다.'; $lang['import_error_create'] = '사용자를 만들 수 없습니다.'; -$lang['import_notify_fail'] = '알림 메시지를 가져온 %2$s (이메일: %1$s ) 사용자에게 보낼 수 없습니다.'; +$lang['import_notify_fail'] = '알림 메시지를 가져온 %s (이메일: %s) 사용자에게 보낼 수 없습니다.'; $lang['import_downloadfailures'] = '교정을 위한 CSV로 다운로드 실패'; diff --git a/lib/plugins/usermanager/lang/no/lang.php b/lib/plugins/usermanager/lang/no/lang.php index 7124e4811..83823b2b8 100644 --- a/lib/plugins/usermanager/lang/no/lang.php +++ b/lib/plugins/usermanager/lang/no/lang.php @@ -1,13 +1,14 @@ <?php + /** - * Norwegianlanguage file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Thomas Nygreen <nygreen@gmail.com> * @author Arild Burud <arildb@met.no> * @author Torkill Bruland <torkar-b@online.no> * @author Rune M. Andersen <rune.andersen@gmail.com> * @author Jakob Vad Nielsen (me@jakobnielsen.net) - * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> + * @author Kjell Tore Næsgaard <kjell.t.nasgaard@ntnu.no> * @author Knut Staring <knutst@gmail.com> * @author Lisa Ditlefsen <lisa@vervesearch.com> * @author Erik Pedersen <erik.pedersen@shaw.ca> diff --git a/lib/plugins/usermanager/lang/pl/lang.php b/lib/plugins/usermanager/lang/pl/lang.php index cfc0ba327..2e063d2bb 100644 --- a/lib/plugins/usermanager/lang/pl/lang.php +++ b/lib/plugins/usermanager/lang/pl/lang.php @@ -1,7 +1,8 @@ <?php + /** - * polish language file - * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * * @author Grzegorz Żur <grzegorz.zur@gmail.com> * @author Mariusz Kujawski <marinespl@gmail.com> * @author Maciej Kurczewski <pipijajko@gmail.com> diff --git a/lib/plugins/usermanager/lang/pt-br/lang.php b/lib/plugins/usermanager/lang/pt-br/lang.php index 9bb37742a..356d139eb 100644 --- a/lib/plugins/usermanager/lang/pt-br/lang.php +++ b/lib/plugins/usermanager/lang/pt-br/lang.php @@ -20,6 +20,7 @@ * @author Victor Westmann <victor.westmann@gmail.com> * @author Leone Lisboa Magevski <leone1983@gmail.com> * @author Dário Estevão <darioems@gmail.com> + * @author Juliano Marconi Lanigra <juliano.marconi@gmail.com> */ $lang['menu'] = 'Gerenciamento de Usuários'; $lang['noauth'] = '(o gerenciamento de usuários não está disponível)'; @@ -43,6 +44,7 @@ $lang['search_prompt'] = 'Executar a pesquisa'; $lang['clear'] = 'Limpar o filtro de pesquisa'; $lang['filter'] = 'Filtro'; $lang['export_all'] = 'Exportar Todos Usuários (CSV)'; +$lang['export_filtered'] = 'Exportar lista de Usuários Filtrados (CSV)'; $lang['import'] = 'Importar Novos Usuários'; $lang['line'] = 'Linha Nº.'; $lang['error'] = 'Mensagem de Erro'; @@ -66,6 +68,8 @@ $lang['add_ok'] = 'O usuário foi adicionado com sucesso'; $lang['add_fail'] = 'O usuário não foi adicionado'; $lang['notify_ok'] = 'O e-mail de notificação foi enviado'; $lang['notify_fail'] = 'Não foi possível enviar o e-mail de notificação'; +$lang['import_userlistcsv'] = 'Arquivo de lista de usuários (CSV):'; +$lang['import_header'] = 'Importações Mais Recentes - Falhas'; $lang['import_success_count'] = 'Importação de Usuário: %d usuário (s) encontrado (s), %d importado (s) com sucesso.'; $lang['import_failure_count'] = 'Importação de Usuário: %d falhou. As falhas estão listadas abaixo.'; $lang['import_error_fields'] = 'Campos insuficientes, encontrado (s) %d, necessário 4.'; @@ -75,3 +79,5 @@ $lang['import_error_badmail'] = 'Endereço de email errado'; $lang['import_error_upload'] = 'Falha na Importação: O arquivo csv não pode ser carregado ou está vazio.'; $lang['import_error_readfail'] = 'Falha na Importação: Habilitar para ler o arquivo a ser carregado.'; $lang['import_error_create'] = 'Habilitar para criar o usuário.'; +$lang['import_notify_fail'] = 'Mensagem de notificação não pode ser enviada para o usuário importado, %s com email %s.'; +$lang['import_downloadfailures'] = 'Falhas no Download como CSV para correção'; diff --git a/lib/plugins/usermanager/lang/zh-tw/import.txt b/lib/plugins/usermanager/lang/zh-tw/import.txt new file mode 100644 index 000000000..a6bb5f6ef --- /dev/null +++ b/lib/plugins/usermanager/lang/zh-tw/import.txt @@ -0,0 +1,9 @@ +===== 批次匯入使用者 ===== + +需提供 CSV 格式的使用者列表檔案(UTF-8 編碼)。 +每列至少 4 欄,依序為:帳號、姓名、電郵、群組。 +各欄以半形逗號 (,) 分隔,有半形逗號的字串可用半形雙引號 ("") 分開,引號可用反斜線 (\) 跳脫。 +重複的使用者帳號會自動忽略。 +如需要範例檔案,可用上面的「匯出使用者」取得。 + +系統會為成功匯入的使用者產生密碼並寄信通知。 diff --git a/lib/plugins/usermanager/lang/zh-tw/lang.php b/lib/plugins/usermanager/lang/zh-tw/lang.php index c7126bd1a..3fb6b6712 100644 --- a/lib/plugins/usermanager/lang/zh-tw/lang.php +++ b/lib/plugins/usermanager/lang/zh-tw/lang.php @@ -9,21 +9,26 @@ * @author Wayne San <waynesan@zerozone.tw> * @author Li-Jiun Huang <ljhuang.tw@gmai.com> * @author Cheng-Wei Chien <e.cwchien@gmail.com> - * @author Danny Lin <danny0838@pchome.com.tw> * @author Shuo-Ting Jian <shoting@gmail.com> * @author syaoranhinata@gmail.com * @author Ichirou Uchiki <syaoranhinata@gmail.com> * @author tsangho <ou4222@gmail.com> + * @author Danny Lin <danny0838@gmail.com> */ $lang['menu'] = '帳號管理器'; + +// custom language strings for the plugin $lang['noauth'] = '(帳號認證尚未開放)'; $lang['nosupport'] = '(尚不支援帳號管理)'; + $lang['badauth'] = '錯誤的認證機制'; + $lang['user_id'] = '帳號'; $lang['user_pass'] = '密碼'; $lang['user_name'] = '名稱'; $lang['user_mail'] = '電郵'; $lang['user_groups'] = '群組'; + $lang['field'] = '欄位'; $lang['value'] = '設定值'; $lang['add'] = '增加'; @@ -36,8 +41,12 @@ $lang['search'] = '搜尋'; $lang['search_prompt'] = '開始搜尋'; $lang['clear'] = '重設篩選條件'; $lang['filter'] = '篩選條件 (Filter)'; -$lang['import'] = '匯入新的用戶'; +$lang['export_all'] = '匯出所有使用者 (CSV)'; +$lang['export_filtered'] = '匯出篩選後的使用者列表 (CSV)'; +$lang['import'] = '匯入新使用者'; +$lang['line'] = '列號'; $lang['error'] = '錯誤訊息'; + $lang['summary'] = '顯示帳號 %1$d-%2$d,共 %3$d 筆符合。共有 %4$d 個帳號。'; $lang['nonefound'] = '找不到帳號。共有 %d 個帳號。'; $lang['delete_ok'] = '已刪除 %d 個帳號'; @@ -45,10 +54,13 @@ $lang['delete_fail'] = '%d 個帳號無法刪除。'; $lang['update_ok'] = '已更新該帳號'; $lang['update_fail'] = '無法更新該帳號'; $lang['update_exists'] = '無法變更帳號名稱 (%s) ,因為有同名帳號存在。其他修改則已套用。'; + $lang['start'] = '開始'; $lang['prev'] = '上一頁'; $lang['next'] = '下一頁'; $lang['last'] = '最後一頁'; + +// added after 2006-03-09 release $lang['edit_usermissing'] = '找不到選取的帳號,可能已被刪除或改為其他名稱。'; $lang['user_notify'] = '通知使用者'; $lang['note_notify'] = '通知信只會在指定使用者新密碼時寄送。'; @@ -58,4 +70,18 @@ $lang['add_ok'] = '已新增使用者'; $lang['add_fail'] = '無法新增使用者'; $lang['notify_ok'] = '通知信已寄出'; $lang['notify_fail'] = '通知信無法寄出'; -$lang['import_error_readfail'] = '會入錯誤,無法讀取已經上傳的檔案'; + +// import & errors +$lang['import_userlistcsv'] = '使用者列表檔案 (CSV): '; +$lang['import_header'] = '最近一次匯入 - 失敗'; +$lang['import_success_count'] = '使用者匯入:找到 %d 個使用者,已成功匯入 %d 個。'; +$lang['import_failure_count'] = '使用者匯入:%d 個匯入失敗,列出於下。'; +$lang['import_error_fields'] = '欄位不足,需要 4 個,找到 %d 個。'; +$lang['import_error_baduserid'] = '使用者帳號遺失'; +$lang['import_error_badname'] = '名稱不正確'; +$lang['import_error_badmail'] = '電郵位址不正確'; +$lang['import_error_upload'] = '匯入失敗,CSV 檔案內容空白或無法匯入。'; +$lang['import_error_readfail'] = '匯入錯誤,無法讀取上傳的檔案'; +$lang['import_error_create'] = '無法建立使用者'; +$lang['import_notify_fail'] = '通知訊息無法寄給已匯入的使用者 %s(電郵 %s)'; +$lang['import_downloadfailures'] = '下載失敗項的 CSV 檔案以供修正'; diff --git a/lib/plugins/usermanager/lang/zh/lang.php b/lib/plugins/usermanager/lang/zh/lang.php index 25eb1a294..b833c6ce4 100644 --- a/lib/plugins/usermanager/lang/zh/lang.php +++ b/lib/plugins/usermanager/lang/zh/lang.php @@ -17,6 +17,7 @@ * @author Shuo-Ting Jian <shoting@gmail.com> * @author Rachel <rzhang0802@gmail.com> * @author Yangyu Huang <yangyu.huang@gmail.com> + * @author oott123 <ip.192.168.1.1@qq.com> */ $lang['menu'] = '用户管理器'; $lang['noauth'] = '(用户认证不可用)'; @@ -76,3 +77,4 @@ $lang['import_error_upload'] = '导入失败。CSV 文件无法上传或是空 $lang['import_error_readfail'] = '导入失败。无法读取上传的文件。'; $lang['import_error_create'] = '不能创建新用户'; $lang['import_notify_fail'] = '通知消息无法发送到导入的用户 %s,电子邮件地址是 %s。'; +$lang['import_downloadfailures'] = '下载CSV的错误信息以修正。'; |